Why Light Point Security is all about ‘isolation’
Posted on by Zuly GonzalezCategories Light Point Security Update, Security, Web SecurityLeave a comment on Why Light Point Security is all about ‘isolation’

Why Light Point Security is all about ‘isolation’Stephen Babcock, the Lead Reporter for Technical.ly Baltimore, recently interviewed me for a feature story on “Why Light Point Security is all about ‘isolation’” where we discussed Light Point Security’s technology, why isolation is better than detection and our latest partnerships. In case any of you missed it, below is an excerpt from the story.

 

 

Light Point Security is looking to pick up some new customers.

The cybersecurity firm, which is based out of bwtech@UMBC, recently inked a pair of new deals that are designed to grow the customer base, said CEO Zuly Gonzalez.

The five-person company makes a product called Light Point Web, which protects users’ computers from malware by providing a separate server for browsing. That separate server ensures that malware never reaches the users’ computer.

Gonzalez said it’s a different approach from other cybersecurity products, which rely on algorithms to detect potential threats.

“There’s so much new bad stuff being created everyday that these algorithms can’t keep up,” Gonzalez said. “We take a different approach. Our security is based on isolation.”

You can read the full story on Technical.ly Baltimore’s website here.

Light Point Web Integrates With Metascan Online to Protect Against Malicious Downloads
Posted on by Beau AdkinsCategories Computer Security, Light Point Security Update, Light Point Web, Security, Web SecurityLeave a comment on Light Point Web Integrates With Metascan Online to Protect Against Malicious Downloads

OPSWAT LogoWe recently added a new feature to Light Point Web that warrants some extra recognition. We have added a server-side integration with OPSWAT’s Metascan Online service to provide yet another best-in-class layer of security for our users.

Metascan Online is a cloud service that can scan files with over 40 anti-virus engines, and do so in a matter of seconds. The fact that Metascan Online uses so many anti-virus engines is important. Just because one anti-virus engine claims that a file is safe, it doesn’t mean it is. It could be safe… or it could just be that this is a newer virus that has not been identified by that anti-virus vendor yet. It is actually common for new malware to only be identified by a small number of the anti-virus engines. With Metascan Online using so many anti-virus engines, we can get a much greater level of confidence that a safe file is indeed safe.

With our integration with Metascan Online, our users will get an extra level of assurance that every file they download is safe without having to wait around for the results. We offer this service for no extra charge for our cloud users.

How Does It Work?

When a user wants to download a file, Light Point Web will ask for their permission. If they say yes, that file will be downloaded to the Light Point Web server. Light Point Web will then ask Metascan Online to scan that file. If it is safe, the file is streamed to the user’s computer and the user is informed of the scan results.

LPS download no threats detected

If, on the other hand, the file is found to be malicious, the download is blocked and a message informs the user why.

LPS download threat detected

This all happens seamlessly to the user, so no extra work is required by the user to get this additional layer of protection.

Coming soon: If a file is found to be malicious, the dialog will also include a link to the scan results so that you can see further details on the threat detected and which engines detected it.

Enterprise Options

For our enterprise customers, we offer a couple of options: Metascan Online or Metascan on-premises. OPSWAT offers both a cloud version and an on-premise version of Metascan. This gives our enterprise customers the flexibility of choosing the option that works best for them.

If you are interested in learning more about how Light Point Web protects you while browsing the web, contact us, or sign up for a free trial to experience worry free web browsing for yourself.

The Weakest Link in Your Company’s Security
Posted on by Joanie NelsonCategories Computer Security, SecurityLeave a comment on The Weakest Link in Your Company’s Security

Employees are the weakest link in your securityAre your employees creating a security risk in your company? Did you know that employees were the second highest cause for data breaches, after criminal attacks? Here are some common ways well-meaning employees can cause data breaches:

1. E-mail

People are quick to trust banks, universities, and friends, and will instinctively want to open the email and click on the link. Even when the mail filter sends the e-mail to the junk/spam folder, employees have been known to open that email anyway, because the subject line has caught their interest.

Not only are employees targets, but contractors working for companies are targets as well. It was recently noted that the massive Target breach last year was initiated through a phishing e-mail to Target contractors working for an HVAC company. This incident is proof that when employees open emails, not only is your company data at risk, but your customer data is as well.

2. Links

Shortened links can fool anyone, especially when it seems it’s from a trusted source, such as a news source. It’s always a good idea for employees to expand the shortened link to see where it’s taking them, before clicking on the link.

3. Ads

Online advertising is growing every year, and with that growth comes more malware. How easy is it to accidentally click on an ad? It’s very easy! I did this two weeks ago on accident. I have been a Mac user for 6 years and my previous time using Windows had been nearly erased from my memory. I felt clumsy bumping around that operating system. When I went to go download an open source program for a class, I hit download. And then I hit run. As I was watching it load, within 15 seconds I knew this was not the program I needed, but it was too late. I had loaded mysearchdial and it was proud to be on my computer. It didn’t want to leave. Luckily, it was just that and nothing more nefarious.

On my Mac, the ad above the real download link was something unrelated to the page. I could easily tell the difference.

Ad on my Mac. Notice it’s a Google link. An obvious Google link.
Ad on Windows.

On Windows, I was easily fooled. Had I paid more attention, I would have noticed it was an ad. If I had squinted my eyes more I would have seen the word advertisement. Imagine how easy it is for an employee to do this and possibly cause a major issue for their company, not to mention their customers.

What Can a Business Do to Protect Against Employee Missteps?

Security training and awareness for employees can go a long way. Some may not know to leave the junk mail in the junk mail folder. They may not be able to help their curiosity because the subject line or link is just too enticing. If it seems too good to be true, you’re probably right. A simple training meeting could bring the needed security awareness to the company and possibly mitigate employee negligence.

However, while security awareness training is helpful, it’s not enough on its own. The hard truth is that your employees will never care as much about your company’s security as you do. If they receive an especially enticing link, and even if they have been trained to ignore it, they may still feel it’s worth the risk to take a quick peek.

And in a perfect world where all your employees followed all of their training perfectly, they can still be putting your company’s security at risk. For example, earlier I stated that shortened links should be expanded before clicking. What if it points to a well-known, reputable news site? Their training would say it’s safe to click. But even the most well-known, most reputable sites can and have been hacked to spread malware to its visitors. This is a problem that goes way beyond training and trust.

This is the problem that we solve. When employees use Light Point Web, your security no longer depends on training and trust. Light Point Web can allow your employees to browse the web without any sites reaching your computers. So the most dangerous site in the world poses no more threat than the safest site in the world. You can set policies to say what types of files employees can download, from what sources, or stop them from downloading anything at all. Clicking links in email will automatically launch it in Light Point Web, because it integrates seamlessly into your standard browsers.

If you are interested in learning more about how Light Point Web can protect your business, contact us.

As cyber attacks multiply, so do insurance policies that cover damages
Posted on by Zuly GonzalezCategories Computer Security, Light Point Security Update, SecurityLeave a comment on As cyber attacks multiply, so do insurance policies that cover damages

Baltimore Business Journal interviews Zuly GonzalezRyan McDonald, the Digital Producer for the Baltimore Business Journal, recently interviewed me for the publication’s latest cybersecurity story, “As cyber attacks multiply, so do insurance policies that cover damages,” where he discusses the pros and cons of purchasing cybersecurity insurance and how to go about it. I thought it was worth sharing here on our blog in case any of you missed it. Below is an excerpt from the story.

 

In the wake of high-profile security breaches that have affected major companies and universities, a growing number of firms are pushing a relatively new product for businesses: cyber security insurance.

American International Group Inc. is the latest big name to introduce a new offering. AIG this week announced it has started offering cyber security insurance to cover property damage and bodily injury.

“More insurance companies are jumping on that bandwagon and starting to offer cyber insurance,” Zuly Gonzalez, CEO of Baltimore-based cyber firm Light Point Security said.

The question for businesses is whether such policies are worth the money.

While purchasing cyber insurance could help your business alleviate some of the damages associated with a possible security breach, it may not be the right fit for every business owner.

“You have to make a decision on where you fit in terms of your risk profile,” Gonzalez said.

Companies should take the time to research the costs and benefits of cyber insurance, she said

You can read the full story on the Baltimore Business Journal’s website here.

Light Point Security: One of Maryland’s Cyber Warriors
Posted on by Zuly GonzalezCategories Light Point Security Update, Security, StartupsLeave a comment on Light Point Security: One of Maryland’s Cyber Warriors

Light Point Security is one of Maryland's hottest cybersecurity companiesThe CyberMaryland initiative published a very nice booklet titled “CyberMaryland: Meet Maryland’s Cyber Warriors” that showcases the many resources, opportunities and companies in Maryland’s cybersecurity ecosystem. The booklet was promoted during last week’s CyberMaryland 2013 Conference and will also be available at the RSA 2014 Conference.

Part of the booklet focused on showcasing Maryland’s hottest cybersecurity companies, and Light Point Security was one of the few companies chosen. We are honored to be mentioned alongside some of Maryland’s most successful cybersecurity companies like Sourcefire (who was acquired by Cisco for $2.7 billion just a few days ago), Tenable and Lockheed Martin.

Our CEO, Beau Adkins, sat down for a one-on-one interview with CyberMaryland. Below is the interview.

Q: How did you start out – what is the “backstory”?

A: We started Light Point Security because we recognized that the security industry was in desperate need of true innovation.

My co-founder, Zuly Gonzalez, and I are both former NSA employees with over 23 years of combined experience in offensive and defensive security. At NSA we worked on some of the most challenging security problems facing our nation. We realized that our national security was in jeopardy if the security industry kept going down the same path of attempting to detect malware after it had already reached the network.

We also saw how the impact of malware went well beyond the initial infection, in some cases causing companies to go out of business. We saw a huge opportunity, had the right skills to solve the problem and cared deeply about solving it. This lead to our decision to leave our secure government jobs to start Light Point Security, and create a product that truly protects you from web-based malware. We are dedicated to changing the way security professionals think about security.

Q: Who are your customers?

A: Our customers are enterprises in industries that deal with sensitive, confidential or proprietary information. For example, the financial, banking and defense industries. We have also had great success working with companies offering products that complement Light Point Web Enterprise.

Q: What makes you stand out from your competition?

A: Computer security hasn’t changed much in the last decade. Current security products rely on detecting malware in order to protect the user. The problem with this approach is that the rate of growth at which malware is being created on a daily basis makes it impossible for these detection-based products to keep up. As a result, malware easily evades these defenses and wreaks havoc on an enterprise.

Instead of trying to detect malicious software, our award-winning product assumes all web content is malicious and isolates it in a disposable container where it can do no harm. Furthermore, it happens automatically and invisibly to the employee, and without the need for constant updates. Light Point Web Enterprise requires no change in user behavior, no user training and no additional programs for the employee to deal with. They simply browse the web the way they always have, but with a level of protection no other security product can offer.

Q: Where do you see the company in 3 or 5 years?

A: Light Point Security will be a nationally recognized name in enterprise security, and a leader in the isolation-based security space. Light Point Security will be a center of cybersecurity innovation in Maryland, with a suite of products to protect our customers from even the most advanced malware. With a company culture that encourages innovation, Light Point Security will be the place where security professionals from all over the country will want to work.

Q: Why is Maryland so important to your organization?

A: Being headquartered in Maryland is the ideal location for cybersecurity companies. Fort Meade, other federal installations and top notch universities have been attracting cybersecurity talent to the state for years. With the high demand that is being placed on cybersecurity experts, hiring the best of the best can be challenging, but it is crucial to the success of a company. Tapping into Maryland’s thriving community of security professionals gives Light Point Security a competitive edge.

In addition, the abundance of cybersecurity resources, like the bwtech@UMBC Cyber Incubator, and Maryland’s dedication to growing the cybersecurity industry in the state means that there is no better place in the country to start and grow a business like ours.

 Light Point Security one of Maryland's cyber warriors

Light Point Security CEO to Moderate CyberMaryland 2013 Panel on Cybersecurity Innovation and Trends
Posted on by Zuly GonzalezCategories Events, Light Point Security Update, Security1 Comment on Light Point Security CEO to Moderate CyberMaryland 2013 Panel on Cybersecurity Innovation and Trends

CyberMaryland 2013 Light Point Security Panel

We’re looking forward to the CyberMaryland 2013 Conference being held Oct 8 – 9 at the Baltimore Convention Center in Baltimore, MD. CyberMaryland is a unique conference spanning two days during Cybersecurity Awareness Month that will address the biggest challenges facing America, including future innovation to meet the security challenges facing our country; collaboration across industry, government and educational institutions; and the development of a generation of cyber-warriors.

Not only will it be an opportunity for us to catch up with old friends, but our CEO, Beau Adkins, will be moderating an excellent panel on cybersecurity innovation and future trends. The idea for the panel stemmed from the fact that we wanted to get some of the best minds in security together to have a candid discussion on the current issues facing the industry and how they see innovation and trends evolving over time to combat the threat.

Panel Title

What’s Here, What’s Coming and What to Do About It

Panel Abstract

Listen in on a lively discussion of today’s and tomorrow’s trends in cyber security led by a panel of the area’s top minds in the field. The panel will include CISOs, founders of cyber security contracting companies and creators of next generation cyber security products from the healthcare, finance, government and commercial sectors. Learn what these individuals see every day and what they do to protect against them. Find out what they expect to encounter in the months and years ahead, and what they are doing to prepare.

Each panelist will take a deep dive into today’s threat landscape for their industry and share the tactics they employ to protect against them. They will discuss the current trends and innovations occurring within the industry and share their predictions of what’s to come in the next few years.

Panelists

  • Moderator – Beau Adkins, Co-founder and CEO at Light Point Security
  • Panelist #1 – Jason Taule, Chief Security and Privacy Officer at FEi Systems
  • Panelist #2 – John Harmon, Partner at Tactical Network Solutions
  • Panelist #3 – Jeff Huegel, Executive Director, Cloud, Hosting and Applications Security at ATT
  • Panelist #4 – Dana Pickett, CISO and CPO at Allegis Group

Panel Format

  • Introduction: What is cybersecurity? (3 – 5 minutes)
  • Panelist introductions (5 minutes)
  • Panelist discussion
  • Questions from audience (10 – 15 minutes)
  • Closing remarks (5 – 10 minutes)

Panel Time

Wednesday October 9, 2013 11:15am – 12:00pm

Do you have a specific question or particular topic you would like to hear the panelists discuss? Submit your questions and topic suggestions to us via Twitter or email. Looking forward to our panel? Let us know on Twitter using hashtag #CyberMD2013.

Register for the conference here. If you are a full-time college student you can attend the conference for free if you register by Oct 1 and use discount code UMstudent.

Building a Cybersecurity Startup in Maryland
Posted on by Zuly GonzalezCategories Events, Light Point Security Update, Security, StartupsLeave a comment on Building a Cybersecurity Startup in Maryland

Technically Baltimore Cybersecurity EventI was invited to speak last week at Technically Baltimore’s event on Growing Maryland’s Cybersecurity Industry. They invited a series of speakers to give 4 – 5 minute lightning talks on a variety of topics that explore the growing cybersecurity industry in Maryland. The goal was to discuss how we can grow Maryland’s cybersecurity industry to create more jobs.

The event took place at CyberPoint’s beautiful Inner Harbor location in Baltimore. It was very well organized, and I very much enjoyed attending and speaking.

In my presentation I shared the story behind Light Point Security, and talked about what it’s like to build a cybersecurity startup in Maryland. I mentioned the good resources Maryland has to offer for cybersecurity companies, and also shared my thoughts on what Maryland is lacking to truly become the cybersecurity leader in the country.

As I said in my talk, the one area where I think Maryland is lacking is in funding opportunities for very early stage companies. We definitely have the intellectual resources in this region to compete with the likes of Silicon Valley, but we need to make more financial resources available to very early stage companies if we really want to be competitive with the West coast. I feel this is the last ingredient needed to make Maryland the unrivaled leader in cybersecurity.

Here’s a video of my 5 minute talk:

Also, take a look at this nice write up by Technically Baltimore on my presentation.

Securing Your WordPress Site: Top Plugins
Posted on by Beau AdkinsCategories How To, Security, Web Security4 Comments on Securing Your WordPress Site: Top Plugins

WordPress LogoWordPress is huge. It is currently the most popular blogging system in use, and it manages 22% of all new websites. We use it for our site, and I would personally recommend it to anyone thinking of creating a new website.

However, because it is so popular, it becomes a target for hackers. Right now, automated bots are crawling the web looking for WordPress sites to attack. If you take some time to protect yourself, you can greatly reduce your chances of having a problem.

With that, I decided it would be useful to share some of the tips and tricks I have learned to protect our site. There is too much for one blog post, so I will release others over time, but I will start with the most important ones.

So, here are my recommendations for the 4 best WordPress security plugins. All WordPress plugins are easy to install, but some may take some time to configure correctly.

  1. WordPress File Monitor Plus. This plugin is used to alert you anytime a file on your site changes. When a WordPress site gets hacked, what actually happens is the attacker adds one or more files to your site, or they alter one that is already there. A WordPress installation consists of hundreds of files, so it’s very easy to blend in and not be noticed. But with just one file, attackers have the ability to change your site however they want, including attacking your site’s visitors with malware, and eventually getting you banned from Google.

    WordPress File Monitor Plus will regularly check your WordPress installation for new files, deleted files, and changed files. If it finds anything, it will send you an email with details. It is your responsibility to read these emails to see if any changes are unexpected. For example, uploading a new image, or upgrading a plugin will cause an alert. If you see something you can’t explain, investigate it immediately. This plugin will not stop you from being hacked, it will only let you know when you are attacked, and help you clean it up.

    Out of the box, this one is pretty easy to set up. You just tell it how often to scan your files. But most likely, you will want to tell it which files to not scan. For example, if you have a caching plugin, it will cause the File Monitor to tell you things over and over. The best plan is to set it up with no excludes, and when the alerts start coming in, you can identify which directories to not pay attention to anymore. Eventually, it will only tell you about important changes.

  2. Limit Login Attempts. This plugin protects you from automated password guessers. If you install this plugin, it will let you configure how many tries someone gets at logging into your WordPress site before they are locked out for some amount of time. The guess count and lockout time are configurable. If someone guesses incorrectly too many times, you will be sent an email about it, and they will be stopped from trying again for some amount of time.

    So how useful is this? You would be surprised. Once you install this plugin, you will find out that there are automated bots that will find WordPress sites, and try to brute force the password. Without this plugin, they will eventually guess it. Depending on the speed of your server, they could guess hundreds of passwords a second. With this plugin installed, they may get 6 guesses every 2 days.

    This plugin is simple to install and configure. So you have no excuse.

  3. Secure WordPress. This plugin is more of a hardener. It does a lot of little things to make an attackers life harder. While none of these things make it impossible to be hacked, they will make hacking your site harder than hacking someone else’s, and that is usually enough.

  4. TimThumb Vulnerability Scanner. There is a library called TimThumb that people use to dynamically create thumbnail images for websites. It is used by millions of sites. In 2011, a vulnerability was discovered in it that allowed attackers to easily take over any site using it. The vulnerability has been corrected, but sadly old versions are still out there years later. This vulnerability is probably still the most common way WordPress sites get hacked. This plugin will automatically determine if you are using an out of date version of TimThumb, and if so, it will upgrade it for you.

Please let me know if these recommendations helped you, or if you know a WordPress plugin that belongs on this list.

RSA Conference 2013 Names Light Point Security Finalist for Most Innovative Company
Posted on by Zuly GonzalezCategories Events, Light Point Security Update, SecurityLeave a comment on RSA Conference 2013 Names Light Point Security Finalist for Most Innovative Company

Light Point Security to present at RSA Conference 2013 Innovation SandboxWe are pleased to announce that Light Point Security has been named by RSA Conference 2013 as one of the top 10 most innovative security companies.

On February 25, Light Point Security, along with the other 9 finalists, will present at RSA Conference’s 2013 Innovation Sandbox program for a chance to be named Most Innovative Company at RSA Conference 2013. Innovation Sandbox is a gathering of venture capitalists, entrepreneurs and security professionals pioneering the future of information security. The finalists represent new technologies and strategies with the potential to transform the future of information security.

We are thrilled to be among the most innovative security companies, and we’re looking forward to attending RSA and presenting at the Innovation Sandbox. You can read the full press release here.

You can follow the action on Twitter with the hashtag #innovationsandbox or by following us at @LightPointSec.

If you’ll be at RSA, and would like to connect with us, drop us a line at info@lightpointsecurity.com.

The Motivation Behind Malware
Posted on by Beau AdkinsCategories Light Point Web, Security, Web SecurityLeave a comment on The Motivation Behind Malware

Money from malwareLast night I came across a sobering article from Brian Krebs of KrebsOnSecurity. The article talked about a specific crimeware author that is advertising that he is in the market to buy fresh new browser exploits, but the article had much more information than just that.

The Value of an Exploit Kit

For some background, a crimeware gang has written an exploit kit named Blackhole. Its purpose is to exploit vulnerabilities in web browsers to install a malware payload on victims’ computers. The Blackhole kit itself doesn’t much care what the payload is. Instead, the author of Blackhole will lease his creation to others, and let them supply the malware.

Think about it like a delivery service. If I have a new piece of malware that I want installed on lots of computers around the world, I could pay to have Blackhole deliver it for me. Blackhole doesn’t need to know anything about what it is delivering, its job is only to get it delivered (yes, exactly like Jason Statham in The Transporter).

What is amazing about this is how much it costs to lease Blackhole. A three month license is $700, and a yearly license is $1,500. The creators will even provide hosting for you for $200/week or $500/month.

But that’s not all. The authors of Blackhole have built something even better, a second kit called the Cool Exploit Kit. From the article, it seems like the authors’ newest (and therefore most valuable) exploits are reserved for the Cool Exploit Kit. Only after an exploit becomes known is it moved to Blackhole. Access to the elite Cool Exploit Kit runs $10,000/month!

Additionally, the authors put out a statement that they want to buy more new exploits for browsers and browser plug-ins. They announced that they have set aside an initial budget of $100,000 to buy exploits and vulnerability proof-of-concepts. They stated that they are only interested in purchasing exploits that have not been published and that they will not release this information to the public either. Therefore, the targeted software will remain unpatched indefinitely.

The Motivation Behind Malware

There is only one reason why someone would spend that kind of money to get malware delivered – because it will pay for itself. The article showed that one specific cybergang’s income from just one flavor of ransomware was almost $400,000 a month.

This shows a very dangerous combination of facts. Getting malware onto a victim’s computer is worth a lot of money, so people will pay handsomely for new exploits to make that happen. This makes exploits worth a lot of money, so people will be motivated to continue creating them.

Our Mission

All of this reinforces our motivation here at Light Point Security. The web is now the most common way for malware authors to infect a victim’s computer. Unfortunately, in many cases, such as with the Cool Exploit Kit, cybercriminals use unpublished vulnerabilities in browsers and browser plugins to infect a victim’s computer with malware. By the time the vulnerability is discovered and fixed by the good guys, it is too late. The bad guys have infected tons of computers, and have moved on to the next vulnerability.

We are building Light Point Web to stop not some, not most, but all of these types of exploits – even the ones that have not been made public.

Categories
Archives