Over the course of some two decades, Veriti Co-founders Oren Koren and Adi Ikan encountered hundreds of networks, and were struck over and over again by the same thing: Everyone had the right security tools and controls. Everyone had compliance processes. Everyone had a system to identify what needed to be purchased and deployed. But still, time and again, they were being breached.
So Koren and Ikan, veterans of the Israeli military’s renowned 8200 cyber intelligence unit, set out to help organizations improve their defenses. The technology they developed allows organizations to reduce risk exposure and by automatically providing visibility and optimizing the tools they already possess — without disrupting critical business operations.
“If you enable all of the features of all of the things you have purchased, you will be protected 95%,” Koren said. “But in most cases, the security team isn’t aware of everything the controls can do. And more important, if security controls are enabled to operate at maximum, that will impact the organization’s business continuity because the controls will probably block crucial operations.”
Veriti’s agentless technology, which integrates seamlessly into the security stack, has two main use cases. The first is exposure remediation — identifying exposures across the entire security infrastructure, then finding a compensating control within the organization’s existing tech stack, allowing remediation with a single click. The swiftly delivered actionable insights free teams to focus on pressing or strategic issues instead of sifting through piles of data manually.
“The technology will learn what security controls and capabilities you have, and then match them to the organization’s risks so you can deploy your technology effectively to protect against those risks,” Koren said.
In addition to identifying whether a risk is compensated or not, Veriti’s technology will also identify whether the asset is exposed internally or externally as well.
“If it’s inside, you can work for 24 hours, then mitigate the risk. If it’s exposed outside, you might have an hour before someone tries to use it against you,” he said.
“Everyone is prioritizing criticality. But these are the two missing pieces that we do that are unique. One, are you compensated? And second, is the exposed asset inside or outside?”
Uniquely and critically, the technology also validates the security control won’t impact the organization by taking down the business application.
“We reduce the meantime to respond from hours to minutes. You don’t need to manually analyze what the impact will be,” Koren explained. “I will fix the bad impact you will have so you can respond quickly. I’m not aware that others are looking at the business disruption element.”
The second use case is threat protection. Today, if a SOC wants protection against indicators of compromise, a ticket needs to be opened. With Veriti, the security team can log in and actually block a malicious file, domain or IP by themselves, eliminating the need to rely on other teams for protection.
Veriti’s major target markets include healthcare, OT/IoT and manufacturing – operations that cannot be taken down to be patched. A second focus is banking and insurance, which find Veriti’s technology compelling because the product is not sending telemetry to headquarters, Koren said. The option not to share data is also appealing to government institutions, he said.
The company is focusing on mid-size organizations and above that have multiple security controls, and many hundreds, if not thousands, of employees. It’s also aiming for companies with subsidiaries.
“The mother ship can use us to run a security control assessment on its subsidiaries, and provide a service as an internal MSSP,” Koren said.
Looking ahead to the coming year, Koren identifies three major trends in the cyber field: 1) open platforms that allow organizations to find a gap and remediate it; 2) big vendors managing other vendors, with a view to eventually replacing them; and 3) automation in remediation.
“What the vendors have realized is that the biggest market today is service providers, not only managing themselves, but others as well,” Koren said. “This is a major trend, and it will become a massive trend.”
Veriti stands to gain because it already has the integrations behind the scenes to allow the management of multiple vendors, he said.
“We have given the MSSP the ability to manage all of their vendors,” he said. “We anticipate that they will approach this by developing the capability by themselves, as we have done, or by integrating with vendors like us, to be able to manage through us – in short, either as a competitor or as a partner.”
Automation in remediation will get a push because the mean time to response today remains very high, Koren said.
“Organizations realize they need automation in remediation because they’re still being breached. No one can remediate everything manually. You need something that analyzes for you so you can remediate.”