SA made software Snode is always learning how to protect your network

October 26, 2016



Source: htxt.africa

 

A new firm offering a cyber security solution unlike anything we’ve seen before launched in South Africa today.

The firm’s name is Snode and its claim to fame is a piece of software that monitors a network looking for malicious traffic, intrusions and other cyber threats and. On the surface, Snode – the name of the firm and its software – appears to be another firewall product but after attending a fairly length launch earlier this morning we can confirm that Snode is not a firewall, but rather something more advanced.

The software uses machine learning and mathematical algorithms to alert businesses to possible threats on its network. What sets Snode apart from a standard firewall is that it is constantly looking for patterns in behaviour. For instance: if an employee starts accessing a folder on a file server that they’ve never accessed before, and they begin to pull down large amounts of data, a regular firewall might not flag that as a potential risk.

But Snode would.

This is because software such as a firewall looks at potential risks in a vacuum, but Snode is constantly looking for patterns in the data it receives whether it be from a user or an attacker attempting to kick down the door.

As the firm points out, companies aren’t exactly plastering news of their latest hack on the front page of a newspaper. Instead, they try and keep cyber attacks secretive. This makes finding solutions particularly difficult because vital information that could prevent a similar attack on another company isn’t shared.

“Cyber criminals are constantly sharing the tools and weapons they use and defenders are hesitant to talk about hacks,” Snode chief executive officer, Nadir Khamissa says. “Defenders have to juggle so many plates and constantly make sure they’re using the right techniques to fend off attacks. Attackers only need to succeed once, defenders have to successfully defend constantly.”

Snode addresses this problem by sharing the information it gleens from other attacks and using what it has learned to warn the right people before its too late.

As Snode founder, Nithen Naidoo explains “Traditional signature based protocols look at data in isolation. Threat intelligence helps but is retroactive, signature based protocols are reactive, Snode is proactive.”

During today’s launch Naidoo showed us the difference between a firewall and their software. Naidoo started off by triggering a scan of a network using Nessus. The Nessus software, as Naidoo explains it, is designed to look for all the weak points on a network that an attacker might exploit. Snode immediately picked up that an IP address was scanning ports, the firewall sent out no alerts.

Once the scan was complete Naidoo began a brute-force attack on the network. As you may know a brute-force attack constantly tries to “guess” a username and password combination until it gets it right. Snode immediately picked up Naidoo’s attack and even provided the number of guesses the brute-force programme had made. The firewall , again, detected nothing wrong on the network.

“We are not saying you don’t need a firewall,” explains Naidoo. “A firewall is often unable to differentiate between a malicious login attempt and a real one, Snode provides that context.”

All of this information is delivered to users in a very clean and easy to use dashboard. Where reports are often comprised of jargon entwined in more jargon, Snode presents its findings in plain English so that anybody can understand where the problems are.

Snode admits that no service is hack-proof but Naidoo assures us that the data it shares within its ecosystem is encrypted.

Naidoo also tells us that this software has been developed and battle tested for the last seven years and the firm seems confident in its product. Time, however, will be the great decider on whether it will be effective. But, truth be told, its an interesting approach to cyber security that we have not yet seen. And who knows, in the coming years we might be singing the praises of a small firm from South Africa that helped hundred’s of blue-chip firms prevent intrusions on their networks.

Next

Snode launches in SA

October 27, 2016

Source: ITWeb Africa   UK-based cyber-intelligence company Snode has launched in South Africa, aiming to use its advanced technology to secure businesses, especially in the banking sector. Snode uses advanced mathematical algorithms, the processing power of learning machines, and predictive analytics to provide businesses with real-time intelligence and insights into behavioural patterns that help identify and combat cyber-threats before they occur. The company's cyber-intelligence solution looks to help clients proactively manage their cybersecurity posture, with Snode saying this empowers businesses to be driven forward through embracing emerging technologies. A team of 12 consultants with extensive cybersecurity expertise and experience is spread across Snode's offices in Johannesburg and London, with the company advising on cybersecurity matters across various sectors, particularly financial services but also mining, professional services and aerospace. "Snode's application in cybersecurity leverages years of expertise in cyber-intelligence and mathematics," said Nithen Naidoo, CIO at Snode. "The company believes it provides a much needed service in South Africa; cybercriminals are now, more than ever, turning their attention to emerging markets which they perceive to be easy, yet lucrative, targets." Snode uses Intelligence Amplification (IA), combining machine learning with human experience and insight. This differs from Artificial Intelligence AI), which aspires to replace human involvement altogether. The company's focus in South Africa will be the banking sector, which it says is particularly vulnerable in emerging markets, as evidenced by the recent increase in SWIFT attacks. Cyberattacks frequently come from advanced and highly motivated crime syndicates which are dispersed globally, with the company saying equally sophisticated methods are needed to combat it. "Snode believes that a more proactive and innovative approach to cybersecurity is needed. South Africa is already in the midst of a cybersecurity storm," Naidoo said. "Snode brings existing security controls into a next-generation cyber-defence, capable of defeating today's sophisticated and dynamic attackers." He said data is the core of any business, and therefore it is of the utmost importance to effectively secure information and protect it against cyber-threats. "Snode tips the balance in cyber-warfare, to favour the defenders and root-out the attackers. Passively monitoring massive amounts of data traversing client networks, giving Snode a comprehensive view of all activities. It detects and reports suspicious behavioural patterns, as well as various anomalies, in real-time. No conventional solution does this," said Naidoo.