International
RSA CONFERENCE 2017 FEATURE REVIEW
THE BIGGEST ‘MUST GO’ CYBERSECURITY SHOW ON EARTH - PART 2 Editor’s RSA Conference 2017 Review - Vendor Insights
/// ARTIFICIAL INTELLIGENCE PROTECTING THE ACTIVE DIRECTORY INTERVIEW WITH JAVELIN FOUNDERS GUY FRANCO AND ROI ABUTBUL, CEO At RSA Conference 2017, Javelin announced the release of AD Protect™, an AI-based platform designed to stop the use of stolen and misused directory credentials to move laterally into an organization’s network environment. Thwarting attackers at the point of compromise, the AI autonomously projects to the attacker a false set of organisational resources, including the Active Directory, that look and act real, yet get the attacker nowhere, containing the breach to just one machine. The result is Javelin’s
70 | Australian Cyber Security Magazine
automated incident response (IR) and breach containment that provides attack compromise detection and directory credential theft or misuse, while assisting efforts to investigate and contain any further attack. The story behind Javelin arcs back to three young men meeting in the Israeli Airforce and Intelligence Corps. Guy and Roi, along with co-founder Almog Ohayon, started out in 2014 and after $2 million in seed funding. In early February 2017, they announced a $5 million Series-A Financing Round to fuel further development and growth. Based in Tel Aviv, the company is now also situated in Palo Alto, CA and Austin, TX. As Guy explained, “the industry is focused on protecting networks, computers, devices and applications, but at the end of the day the key element being targeted is the Active Directory (AD) – it is used by 9 out of every 10 companies around the world and remains mostly unprotected. All the campaigns APT (Advanced Persistent Threat) attacks are based on is achieving AD manipulation – the attacker’s aim is to be stealthy, leave no evidence and achieve
a high gain and mostly, a financial gain.” After almost two and half years working just on the technology, with a dedicated ADP (Automatic Data Processing) design team, the company launched in the second half of 2016 and hired former Cylance Executive, Greg Fitzgerald to drive the message home – that attacks and threats are focused on the AD – the heart of the organisation. Javelin reports seeing immediate traction with customers, with one customer, despite having a $50 million security budget, discovering they still had limited protection of their AD. Javelin can support 20,000 devices and then scale out to 500,000 end points. The learning phase is rapid, within minutes, acquiring 200 devices at a time – so a large enterprise network can be acquired within an hour or two. Roi stated, “the greatest thing we have accomplished is we have created an autonomous IR mechanism and the only one specifically designed to work in a domain environment. That domain environment has its own rules and we have built that from scratch – once we find an infection on one computer and