TAG Cyber LLC - Experts & Thought Leaders

Arista Networks, a pioneer in data-driven networking announced that its 720XP series of switches for campus deliver embedded security and packet analysis. By embedding NDR (Network Detection and Response) capabilities into the Arista EOS-based switches themselves, customers derive broader visibility and threat hunting across the modern cognitive campus. The secure infrastructure optimizes existing human workflows and drives automated risk mitigation without the need to deploy additional and external network security products. Network infrastructure “As a highly respected network infrastructure provider, Arista is well-positioned to bake security into the core of the network. Bringing artificial intelligence techniques such as deep learning, belief propagation, and natural language processing to data captured directly off the switch has the potential to grossly simplify network security for customers,” said Dr. Edward Amoroso, Chief Executive Officer, TAG Cyber and Research Professor, New York University. “Being a former security practitioner myself, the ability to avoid the operational burdens of bolting security on is very appealing.” High fidelity NDR with Arista AVA AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads Powered by AVA™ (Autonomous Virtual Assist), this AI-driven function has two key components: AVA Sensors and the AVA Nucleus. AVA Sensors support a variety of form factors from stand-alone appliances and virtual to cloud workloads and now, within campus power over ethernet (PoE) switches. These sensors curate and transfer the “just right” deep-packet data to the AVA Nucleus, which is offered as both on-premises and SaaS. With a simple switch software upgrade and minimal impact on switch performance or reliability, the Arista NDR platform delivers:        Enhanced visibility: Identify mal-intent, profile, and track all users, apps, and devices whether managed desktops and workstations or unmanaged contractors, supply chain, cloud, and IoT workloads. Correlate these entities based on behavioral analysis to build an entity-centric view and declutter a security analyst’s threat hunting workflow. Real-time Situational Awareness: Understand the entire threat landscape and scope of any attack so that security analysts can make intelligent and risk-based decisions. AI-Driven Threat Detection: Automate threat detection and response on the network with a platform that identifies underlying attacker tactics, techniques, and procedures rather than just known indicators of compromise. Managed NDR: Leverage the power of the Arista NDR platform coupled with skilled resources from Awake Labs that bring decades of experience to enhance the customer’s 24x7 security operations, threat hunting, and incident response programs. Network security  Arista enables a built-in, secure network that reduces organizational risk by speeding up both time to detection and remediation" “Network security has been an ongoing challenge for most organizations due to hardware deployments and configuration changes needed at the network infrastructure level. While organizations acknowledge that the network presents a unique vantage point, security teams have been forced to trade off-network visibility and ongoing operational costs,” said Rahul Kashyap, Vice President and General Manager of Cybersecurity CISO at Arista Networks. “By building NDR capabilities into the switching infrastructure itself, Arista enables a built-in, secure network that reduces organizational risk by speeding up both time to detection and time to remediation.” NetFlow-based solutions Legacy NetFlow-based solutions are limited in their depth of visibility (port, IP address, and basic protocol information) and lack the context to identify modern devices or threats. In stark contrast, AVA Sensors analyze the full packet, including application layer data which sets the stage for automated and manual threat hunting. Innovations like this have led Arista NDR to be recognized as a leader in the KuppingerCole Network Detection & Response Leadership Compass 2021 Report. The platform also received the AI Breakthrough award for the Best AI-based Solution for CyberSecurity. AVA availability The new capabilities are expected to be generally available in Q2, 2022, with early trials in March 2022.

Sepio Systems, the globally renowned provider of Hardware Access Control (HAC) solutions, has announced the launch of the company's Hardware Access Control solution (HAC-1), which gives organizations complete visibility and control over essential hardware devices throughout the enterprise, across the network and endpoint devices. Fingerprinting technology "In 2016 we created Sepio to mitigate the risk of rogue hardware devices, our SepioPrime platform stops attacks in financial services institutions, insurance companies and critical infrastructure," said Yossi Appleboum, Co-Founder & Chief Executive Officer (CEO) of Sepio. He adds, "Today, Sepio introduces HAC-1, the industry's first Hardware Access Control solution, which extends our fingerprinting technology to provide complete visibility and control for hardware devices and augment hardware risk mitigation." HAC-1 capabilities include: Complete Visibility of all Hardware Assets: With all devices and anomalies detected, enterprises benefit from a greater overall cyber security posture. Gaining full visibility of all hardware devices from endpoint peripherals to connected devices (IT/OT/IoT), Sepio's HAC-1 uses unique physical layer hardware fingerprinting technology and data augmentation from endpoints and networks. Full Control through Predefined Policies: Enterprise-wide policies enable compliance, regulation and best practices. With predefined templates and no base-lining nor whitelisting and no requirement for a clean environment start, Sepio provides a fast and easy setup. Rogue Device Mitigation (RDM): Threat mitigation upon discovery of rogue or threatening devices. Integrations with existing security platforms such as NACs and SOARs for mitigation and remediation enhancements. Cyber security arena - hardware security visibility With the company's new solution, enterprises will be able to see what, until now, has been invisible" "Sepio has solved one of the longest standing issues within the cyber security arena - hardware security visibility and remediation. With the company's new solution, enterprises will be able to see what, until now, has been invisible," said Edward Amoroso, Chief Executive Officer (CEO) of TAG Cyber LLC. Edward adds, "As employees re-enter the office around the world, hardware security and device tampering is a top concern as external adversaries look to gain intelligence and sit on the hardware devices for months to years at a time." Fueled by machine learning Sepio's HAC-1 is fueled by machine learning, which is fed by a combination of physical layer fingerprinting (Layer 1) and link layer (Layer 2) data. This enables Sepio Systems to provide the sought-after visibility and enforcement level needed to ensure a lower risk hardware infrastructure. This is further augmented by a threat intelligence database that captures all meaningful data inputs to drive true hardware access control.

Pulse Secure, the provider of Secure Access solutions, announced its designation as a Distinguished Vendor in this year’s ‘2019 TAG Cyber Security Annual’. Pulse Secure recently became a member of the world’s leading cybersecurity vendors as selected by Dr. Edward Amoroso, CEO of TAG Cyber, and added to this year’s report. Each year TAG Cyber publishes its three-volume report to the IT community for download at no cost. Volume Two of the report also includes an informative interview with Pulse Secure CEO, Sudhakar Ramakrishna. Assisting Chief Information Security Officers This year’s ‘TAG Cyber Security Annual’ was developed to assist chief information security officers (CISOs) and security teams as they advance their information enterprise cybersecurity protection programs and best practices. Beyond offering a ‘periodic table’ of cybersecurity controls, the volume offers insights as to key control trends based on expert and practitioner participation. Beyond offering a ‘periodic table’ of cybersecurity controls, the volume offers insights as to key control trends based on expert and practitioner participation “Ed Amoroso and his team have put together a pragmatic compendium of security controls and outlooks that can be readily applied by information security professionals. We are pleased to have participated and to be distinguished in this report as TAG Cybers’ service to the IT community and their best practices are to be commended,” said Sudhakar Ramakrishna, CEO of Pulse Secure. Expediting multi-factor authentication The 2019 Tag Cyber Volume Two highlighted key trends within 50 top controls. Key findings within Secure Access controls highlighted in the report include: Where initial generations of remote access focused on teleworkers and two-factor authentication, next-generation secure access solutions are increasing effectiveness by expediting multi-factor authentication and integrating with modern cloud and mobility platforms Leading secure access vendors are delivering solutions equally focused on user experience with the goal of minimizing the steps required to establish secure connectivity The future of secure access lies in device-to-cloud, where mobility and embedded controls ensure that authentication, encryption and integrity are in place. While the use of public clouds to host enterprise applications will eventually remove access to the corporate LAN, this function will remain in hybrid mode for several years where traditional remote access will remain in place during this transition period Simple, robust and interoperable approach “Ensuring secure access to a multitude of applications and resources is a business imperative that challenges IT as enterprises accelerate data center virtualization and cloud computing. As such, organizations are reassessing their technology stack that comprises Secure Access,” said Amoroso. “Pulse Secure is among leading vendors focused on offering a simpler, more robust and interoperable approach for enterprises as they migrate from remote access to more advanced hybrid IT access protection.”