We would like to thank all of the sponsors who make DerbyCon happen. Without them, the conference couldn’t be what it is today. Our sponsors believe in supporting DerbyCon and have paid sponsorship fees in order to represent their companies at the conference. If you have not sponsored DerbyCon, we ask that you do not hand out private party information or actively market private or public company parties or events in the halls of the conference area. This is in poor taste; if you would like to represent your company, we would be happy to have you as a sponsor next year.

We are no longer accepting sponsorships for DerbyCon 2018.

If your company is interested in sponsoring DerbyCon in 2019, please email info [at] derbycon [dot] com in January.


2018 Sponsors

Diamond

Rapid7

With Rapid7, technology professionals gain the clarity, command, and confidence to safely drive innovation and protect against risk. We make it simple to collect operational data across systems, eliminating blind spots and unlocking the information required to securely develop, operate, and manage today’s sophisticated applications and services. Our analytics and science transform your data into key insights so you can quickly predict, deter, detect, and remediate attacks and obstacles to productivity. Armed with Rapid7, technology professionals finally gain the insights needed to safely move their business forward.

Website


Platinum

Binary Defense

Get the ultimate end-to-end security solution: human driven, technology-assisted managed security services providing cutting edge fully managed EDR; SIEM deployment, management, and monitoring; and actionable Counterintelligence. Our world-renowned, attack-ready team features around-the-clock expertise with eyes on glass for detection, protection, deception, and response. Analysis and review conducted on all alerts by cyber security professionals who then provide detailed, actionable intelligence, tuning out the noise so you can focus on rapid response and mitigation in order to protect your business.

Binary Defense was founded with the purpose to change the security industry for the better and help organizations defend against threats of all kinds. Built from the minds of the industry’s top security researchers and continuously evolving to detect next-generation threats. We accomplish this by maximizing the effectiveness of industry experts’ knowledge and experience, combining that with customer built, proprietary software and tools.

Binary Defense. Real people detecting real threats in real time every second of every minute of every day protecting your data, your brand, and your people.

Website


TrustedSec

TrustedSec is an information security consulting team at the forefront of attack simulations with a focus on strategic risk-management to help organizations defend against threats of all kinds and change the security industry for the better.

TrustedSec’s expert senior consultants utilize pioneering insights developed by our Adversary Emulation, Threat & Research team to find and diagnose vulnerabilities, then create a comprehensive roadmap for holistically improving clients’ security programs.

Our reputation as a relationship-driven organization is a testament to our team’s passion and commitment to helping our partners improve their defensive postures. Beyond custom diagnostics and detailed remediation programs for clients, TrustedSec conducts industry research, develops new tools, administers training classes, and keynotes, presents, and hosts security conferences throughout the world.

Website


Secureworks

Secureworks Adversary Group (SwAG) is a part of the Secureworks’ Security Consulting organization. SwAG is responsible for adversarial testing services such as penetration tests, red team engagements, collaborative adversarial defense training, application security testing, hardware testing, and long-term threat actor simulation. SwAG employs tactics and techniques used by real world threat actors in order to provide clients with valuable information about their ability to defend against such attacks.
Secureworks (NASDAQ: SCWX) is a leading global cybersecurity company that keeps organizations safe in a digitally connected world. We combine visibility from thousands of clients, artificial intelligence and automation from our industry-leading SecureWorks Counter Threat Platform™, and actionable insights from our team of elite researchers and analysts to create a powerful network effect that provides increasingly strong protection for our clients. By aggregating and analyzing data from any source, anywhere, we prevent security breaches, detect malicious activity in real time, respond rapidly, and predict emerging threats. We offer our clients a cyber-defense that is Collectively Smarter. Exponentially Safer.

Website


Milton Security

READY. RELEVANT. RESPONSIVE.
Threat hunting must be done 24 hours a day, 7 days a week. Attackers don’t take time off.

DETECT. DETER. DESTROY.
MiltonSec is the Force Multiplier that enables your organization to focus your Cyber Security efforts in mitigating threats. We will detect, deter and help destroy those potential threats.

MILTONSEC. YOUR HUNT TEAM.
If you are not already Threat Hunting 24*7, you may have already lost the battle. MiltonSec provides real-time reports and actionable counter measures. We help you win.

Milton Security is a proud SDVOSB that hires Veterans First.

Visit us at www.miltonsecurity.com to learn more


Gold

Cisco

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet wherever users go. Because it’s built into the foundation of the internet, Umbrella delivers complete visibility into internet activity across all locations, devices, and users. By analyzing and learning from this activity, Umbrella automatically uncovers attacker infrastructure staged for current and emerging threats, and proactively blocks requests before a connection is established. With Umbrella, you can stop attacks earlier, identify already infected devices faster, and prevent data exfiltration. Umbrella provides an effective solution that is open, automated, and simple to use.

Website


Security Risk Advisors

Security Risk Advisors specializes in red and purple team engagements, tactical assessments, cyber security roadmaps, compliance initiatives, and defensive toolset selection, implementation, engineering and operations across all industries.

Our approach emphasizes knowledge transfer, clear documentation and an ongoing consultation after our engagement period. We look forward to meeting you at the conference whether you’re in search of a new opportunity or want to hear more about our services.

Website


Securonix

Securonix is re-defining the next generation of cyber-threat detection using the power of entity context, machine learning, and big data. Our purpose-built, security analytics platform mines, enriches, analyzes, scores and visualizes data into actionable intelligence on the highest risk threats. Using machine learning techniques that track users, account and system behavior, Securonix detects the most advanced insider threats, cyber threats and fraud attacks in real-time. Globally, customers are using Securonix to address needs around insider threat detection, privileged misuse, cloud security, cyber threat detection, patient data monitoring, fraud detection and application security monitoring. For more information visit www.securonix.com.


Express Scripts

Express Scripts is a Fortune 25 healthcare opportunity company with 27,000 employees united by one goal: to help make healthcare simpler, more accessible and more affordable for 100 million Americans. As an organization that deals with highly sensitive patient information, we are committed to protecting the clients, patients, and companies we serve from security breaches and cyber-attacks. Our cyber defenders are challenged and trusted with maintaining our secure infrastructure day in and day out, while leveraging internal and external threat intelligence to continuously improve our security posture.

If you want to be at the center of our noble mission to make healthcare safe and more affordable, while delivering an enterprise computing environment that is resilient to breaches and disruptions, explore our opportunities.

Website


SCYTHE

SCYTHE is disrupting the traditional approach to information security by taking assessments to the next level. The SCYTHE platform provides continuous breach and attack simulation which delivers quantifiable portfolio management for CISOs, giving organizations real-time understanding of where their defenses stack up to current and future threats to the enterprise. For more information, visit https://scythe.io, or follow us on Twitter @scythe_io.


Sophos

Sophos makes IT security simple with next-generation solutions that protect networks, servers, and devices, wherever they are. Today, more than 100 million users in 150 countries and a global network of channel partners trust Sophos to deliver simple solutions to complex security challenges. Focused on innovation and backed by a global network of SophosLabs threat intelligence centers and industry-leading support, Sophos delivers solutions that are simple to deploy, maintain, and manage, enabling organizations to focus on performance and growth. Sophos — Cybersecurity made simple.

Website


ITS Partners

Hello. We’re ITS. We believe that the best IT and security advisors to work with are practitioners who have lived in your shoes. People who know their stuff. People who will get their hands dirty. People who care about outcomes more than billable hours. That’s the team we’ve built at ITS. How can we help you? We’ve lived in your shoes. Clients and partners love us because we’re a team of practitioners. That means we speak your language and we understand your pain. Leverage our 25 years of experience rocketing IT to higher levels of maturity.

Website


VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine. The combination provides both fast, high volume file classification and deep malware analysis. The VMRay Analyzer is platform independent and highly scalable, the result of a decade of R&D by some of the world’s leading experts on dynamic malware analysis. By monitoring at the hypervisor level, it is undetectable by malware running in the target operating system. VMRay serves leading enterprises around the world.

Website


BOOZ ALLEN HAMILTON

For more than 100 years, business, government, and military leaders have turned to Booz Allen Hamilton to solve their most complex problems. They trust us to bring together the right minds: those who devote themselves to the challenge at hand, who speak with relentless candor, and who act with courage and character. They expect original solutions where there are no roadmaps. They rely on us because they know that—together—we will find the answers and change the world. To learn more, visit BoozAllen.com.


SANS

The SANS Institute is the most trusted source for information security training, certification, and research.

Website


(ISC)²

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 130,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. Visit www.isc2.org.


Silver

InGuardians

InGuardians is an independent information security consulting company providing high-value services. Our specialties include RedTeam penetration testing, hardware & application security assessments, threat hunting and incident response.

InGuardians strives to assemble the best and the brightest minds in information security. Our aim is to channel the collective talents of our team in providing actionable business focused information security consulting.

Established in 2003 by industry veterans, InGuardians brings technical experience and business acumen to your projects. Our information security professionals have authored tools, books, testing frameworks and training programs. InGuardians consultants teach and mentor the community through SANS, BlackHat and private courses.

Website


Trimarc

Trimarc was founded by Sean Metcalf, a Microsoft Certified Master in Active Directory, to help organizations better secure their Microsoft platform, specifically on-premises Active Directory (AD) and the Microsoft cloud environment (Azure AD & Office 365). We have decades of systems engineering experience in enterprise environments combined with security vision and know-how and this expertise more quickly and effectively improves the security posture of our customers.

Trimarc provides leading expertise in security solutions including security reviews, strategy, architecture, and implementation. Our methodology leverages our internal research and custom tooling which better discovers multiple security issues attackers could exploit to compromise the environment. Trimarc security services fit between traditional compliance/audit reviews and standard penetration testing/red teaming engagements, providing deep understanding of Microsoft technologies, typical security issues and misconfigurations, and provide recommendations based on our own best practices custom-tailored to balance operational and security challenges.

Trimarc’s Active Directory security review and assessment scans the AD environment shining a light on the dark, forgotten corners and unravels the spider-web of permissions collected over many years. We identify multiple potential AD escalation paths and provide recommendations that are actionable, prioritized, and customized to the environment so they can be implemented more quickly (and phased in over time) to effectively mitigate them. Our reporting methodology and approach provide clear paths to resolution and most of the critical issues we discover in our customer environments are resolved in days to weeks, not years.

Please visit our website for more information and our published security research: www.TrimarcSecurity.com.


Counter Hack

Counter Hack is dedicated to creating world-class educational, interactive challenges, competitions, and cyber ranges to help organizations and individuals develop cyber security skills. We build the SANS NetWars system, CyberCity, the Holiday Hack Challenge, Cyber Aces, and Cyber Quests. Our team also provides exceptional penetration testing and expert witness services in a variety of industries.

Website


Carbon Black

Carbon Black is a leading provider of next-generation endpoint security. Carbon Black serves more than 3,700 customers globally, including 33 of the Fortune 100. As a cybersecurity innovator, Carbon Black has pioneered multiple endpoint security categories, including application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV). Leveraging its newly introduced big data and analytics cloud platform – the Cb Predictive Security Cloud – Carbon Black solutions enable customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise, or as a managed service, customers use Carbon Black solutions to lock down critical systems, hunt threats, and replace legacy antivirus. For more information, please visit www.carbonblack.com or follow us on Twitter at @CarbonBlack_Inc.


Qualys

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 10,300 customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The Company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.


Sprocket Security

Sprocket Security provides continuous security testing services. Attackers don’t stop, and your business changes throughout the year. Assessing security once a year is a failed approach. Our platform detects changes in your organization and prompts human-driven testing to identify security risks.

Testing adapts as your security posture matures. This includes red teaming, adversary simulations, security awareness, tabletop exercises, and more. Sprocket Security is purposely built for continuous testing and operates very differently than traditional firms. This allows us to offer affordable subscription prices for high-quality testing.

It’s time you get more value out of your security testing. Get in touch with us at www.sprocketsecurity.com or on Twitter @sprocketsec.


IBM Resilient

IBM Resilient’s mission is to help organizations thrive in the face of any cyberattack or business crisis. The industry’s leading Incident Response Platform (IRP) empowers security teams to analyze, respond to, and mitigate incidents faster, more intelligently, and more efficiently. The Resilient IRP is the industry’s only complete IR orchestration and automation platform, enabling teams to integrate and align people, processes, and technologies into a single incident response hub. With Resilient, security teams can have best-in-class response capabilities. IBM Resilient has more than 150 global customers, including 50 of the Fortune 500, and hundreds of partners globally. Learn more at www.resilientsystems.com


IronNet

IronNet’s mission is to develop cutting-edge cybersecurity solutions that defend industries and nations from advanced cyber threats. We deliver best-in-class cyber defense solutions through the use of complex behavioral modeling, big-data analytics, and advanced computing capabilities. Our solutions provide unprecedented network visibility, early threat detection, and collective defense across multiple companies and sectors to inform businesses and mitigate threats.

The company was founded in 2014 by General (Ret.) Keith Alexander, the former Director of the National Security Agency and founding Commander of U.S. Cyber Command. Our team consists of highly experienced strategic, operational, and technical cybersecurity experts with unmatched experience defending commercial and government networks against advanced threats. IronNet is backed by blue-chip investors C5 Capital, ForgePoint Capital, and Kleiner Perkins. For more information, visit www.ironnetcyber.com.


IMF Security

IMF Security, the home of LOG-MD, is a provider of Windows incident response, auditing, security assessment and malicious discovery hunting tool. LOG-MD helps administrators and analysts audit and evaluate their Windows audit log configuration, and provides recommendations for improvements, helping the overall security posture in the process. For users of log management and SIEM solutions, LOG-MD can help discover the right things to collect, and help to reduce the noise, saving on licensing fees. LOG-MD also provides advanced Windows incident response capabilities to discover malicious artifacts and process flow of what executed on the system. LOG-MD is also popular for malware labs, able to discover important artifacts that can be used in other enterprise tools for threat hunting. A standalone program, nothing to install, no cloud requirements, LOG-MD allows administrators to discover audit log weaknesses, configure the system and discover malicious artifacts on any Windows Vista, Server 2008 and newer systems. LOG-MD can also be pushed to every system in the organization to investigate suspicious behavior, or validate there are no new suspicious artifacts, such as a null byte in the registry, large registry keys, malicious PowerShell, and new suspicious autorun or WMI persistence items. IMF Security also provides training and consulting on the use of LOG-MD in small, medium, and large organizations to help them improve their Windows incident response capabilities and improve Windows malicious discovery.

Website


Black Hills Information Security

Information Security can be treacherous. We’re not here to just offer you a map and send you on your way, but to be a guide for the long journey. Let us help you understand where to go from here, what tools might be useful along the way, and how best to use them. Can you trust us? You already do! We’ve been doing penetration testing with a large percentage of the top Fortune companies for over a decade. From healthcare, insurance, transportation, to banking and finance, you’re already doing business with businesses that have trusted us with their most precious resources – their information.

Website


Bronze

REDLattice

REDLattice is an agile, mission-focused provider of services and technology solutions serving the Fortune 500 and government marketplace. Our expertise is software development, vulnerability research, malware analysis, open source architectures, and unique logistics challenges. We also work as management consultants conducting due diligence and global market analysis for select Fortune 500 firms. Our people are recognized leaders in the design, development and implementation of cutting-edge technology solutions and are experienced in delivering rapid prototyping solutions across a range of customer needs.

Website


Squarespace

Squarespace makes beautiful products to help people with creative ideas succeed. Our platform empowers millions of people to share their stories and create an impactful, stylish, and easy-to-manage online presence.

Website


Versive

Malware. Blockchain. Exploit. APT. Cryptocurrency. Implant. Artificial Intelligence. Threats. Packets. Bears. Pandas. Kittens. Phish. Machine Learning. Linux. Compromise. Sophisticated. DNS. Firewall. Data. Proxy. PCAP. Credentials. Metasploit. Active Directory. Kill chain. Threat actor. Host. Router. Password. WMI. Kernel. Windows. Registry.

Buzzword bingo is a game that we are all tired of playing. If we cut through the noise, we can all agree that machine-scale problems require machine-scale solutions. When applied in the right way, machine learning can augment the analyst, not replace them. It is not a black box, it is not magic, it is math. We built our product to be explainable, use well-known and well-understood open source frameworks like Spark and Hadoop. You can deploy it on-premises, or in the cloud, and its function is bespoke to its unique network environment.

So what is it? The Versive Security Engine. We see it as the critical missing piece in a company’s security portfolio, as it discovers and makes sense of ongoing adversary campaigns inside corporate networks, instead of filling dashboards with hundreds of alerts. Adversary behavior within a network inevitably leaves a digital “paper trail” in internal network data (netflow, proxy and DNS). VSE looks for unexpected internal reconnaissance, collection and exfil behaviors and understands how they relate across time and across the network. This is how VSE is able to detect unfolding adversary campaigns regardless of what tools, tactics, or exploits they use.

Website


Check Point

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.


Exclusive Friday Party

Oath

Oath, a subsidiary of Verizon, is a values-led company committed to building brands people love. We reach over one billion people around the world with a dynamic house of 50+ media and technology brands. A global leader in digital and mobile, Oath is shaping the future of media.

When you impact millions of people every day, you become a large target for adversaries of all types within all layers of the stack. Our job is to keep our users safe and make Oath one of the safest places on the Internet.

We are the information security team at Oath, known as “The Paranoids”.

Website


Saturday Party

MailChimp

MailChimp is the world’s largest marketing automation platform. It’s like a second brain that helps millions of customers—from small e-commerce shops to big online retailers—find their audience, engage their customers, and build their brand.

Website


Qualys


Nexum

Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, New York, Minnesota, Ohio, Wisconsin and Indiana as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.
Nexum believes that by remaining absolutely focused on its clients’ needs, success necessarily follows. Nexum meets those needs through a holistic, value-based approach that includes best-in-breed products, professional services, Nexum-branded manufacturer support, authorized training, and monitored and managed security services. At Nexum, We Mean Security.

Website


Check Point


CTF Sponsor

Synack

Synack, the leader in crowdsourced security testing, provides real security to the modern enterprise. We leverage the world’s most trusted ethical hackers and an industry-leading platform to find critical security issues before criminals can exploit them. Companies no longer have to choose between working with the best security talent and a lack of time, resources, or trust. Headquartered in Silicon Valley with regional offices around the world, Synack has protected over 100 global organizations by reducing companies’ security risk and increasing their resistance to cyber attack.

Website


Coffee Sponsor Wednesday

Black Hills Information Security

Website


Coffee Sponsor Thursday

R9B

R9B (root9B, LLC) is the leader in advanced cybersecurity solutions, enhancing the way global organizations detect, pursue, isolate and eliminate threats to enterprise infrastructure. As the company that introduced HUNT to commercial markets in 2013, R9B products and services are trusted by both governments and Fortune 500 brands to produce tangible results in the security of information systems. Founded by professionals with backgrounds in the defense, intelligence and commercial communities, R9B delivers expert knowledge, next-generation technology and in-depth training through a security-as-a-service model. R9B is headquartered in Colorado Springs, Colorado with offices across the United States and in Canada.

Website


SE Village

Chenega Mios

Chenega Corporation’s Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU) is pleased to be a sponsor of DerbyCon 8.0. We are a leading professional services and solutions provider for government and commercial customers around the globe. With 14 subsidiary companies, Chenega MIOS SBU offers small business speed and agility backed by big business capabilities to consistently deliver exceptional services and solutions across a diverse portfolio ranging from Systems Engineering, Information Technology, and Cloud Computing to Training, Strategic Communications, Social Media Marketing, and eLearning.

Our Cybersecurity services and capabilities include Cybersecurity Engineering, Computer Network Defense, Threat Detection & Mitigation, Risk Management, Auditing & Assessments, Network Certification & Accreditation, and Testing & Integration support.

Visit us at www.chenegamios.com to learn more.


Hacker Jeopardy

Versive

Website