This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production.

Hand held bar code scanners and RFID chips have changed logistics dramatically in recent years. From manufacturing to every stage of transportation, inventory, and delivery items are scanned tracked in ERP systems.

TrapX discovered that an attack against those ERP systems is systematically being carried out, possibly by those associated with the Google Aurora attack of 2009. They found malware embedded in the hand held scanners at major container shipping organizations. The malware was phoning data home and penetrating the shipper’s network in search of ERP servers.

This is a ground breaking discovery since it is one of the very first that point to compromised products manufactured in China.

TrapX has a powerful network discovery and emulation product. Their appliance essential replicates an enterprise network in a box, creating a robust honeynet that can induce an attacker to show their hand. Like a typical APT defense which detonates malware in a sandbox, TrapX instruments an entire enterprise.

Watch this video interview I conducted with CEO and cofounder of TrapX, Yaniv Alfi (before they changed their name from CyberSense to TrapX).

Leave a Reply