.

Resecurity: A Unified Platform For Endpoint Protection

Gene Yoo

CEO


“Resecurity provides maximum visibility into enterprise ecosystem from cybersecurity perspective by combining internal and external threat analysis.”

Today, most businesses around the globe are overloaded with cybersecurity events fatigue – what consumps a lot of human resources on SOC team and threat intelligence analysts side. Though there are a variety of solutions that deliver automated notifications, this happens without any validation – what disorients cybersecurity team, and causes a significant risk of missing important information. This is in addition to that lack of visibility and ‘blind gaps’ that are leading to frequent security incidents. This is where Resecurity—a cyber security company that delivers a unified platform for endpoint protection, risk management, and threat intelligence—is creating a difference. In a nutshell, Resecurity is driving Platform-as-a-Service (PaaS) concept combining next-generation antivirus (NGAV), managed threat hunting, cyber risk management, identity protection and other capabilities for comprehensive enterprise protection 24/7/365.

Resecurity allows security teams to optimize and streamline this process by providing actionable and validated cyber threat intelligence information using advanced Data Science and HUMINT capabilities. Secondly, Resecurity provides a unique threat management functions across the entire enterprise ecosystem covering users, networks, services, clouds and applications. The company aims to decrease fragmentation and to unify key cybersecurity components into a single platform delivered as Platform-as-a-Service (PaaS). “Resecurity provides maximum visibility into enterprise ecosystem from cybersecurity perspective by combining internal and external threat analysis.

Leveraging rich APIs enables to implement seamless integration with available data sources and security providers. Moreover, the platform-as-a-service concept allows us to centralize further data flows and to optimize operations for timely reaction and incident response,”

Delivering Actionable Intelligence
In fact, effective threat management is impossible without actionable intelligence data. At this point, Resecurity enables CISO and cybersecurity teams with ‘reach & access’ to the latest Dark Web and underground economy insights, tradecraft of cybercriminal actors and nation-state groups, early-warning alerts about previously undisclosed data breaches and possible supply chain compromises, and other critical cyber risk indicators. Notably, SaaS-based solution delivered by Resecurity via Amazon AWS, Azure MSFT and Oracle Cloud to achieve maximum compliance in variety of geographical regions provides strong Cyber Risk Quantification (CRQ) and Cyber Risk Assessment (CRA) apparatus, allowing with high level of confidence to access information about enterprise cybersecurity posture for further decision making. The data is heavily supported by Cyber Threat Intelligence Analysts and Digital Risk Specialists to avoid ‘false positives’ and to validate collected artifacts. “We do care about the quality of our data and accuracy of the finished threat intelligence Resecurity produces for Fortune 500 customers worldwide. Another important factor – timing (speed) of delivery, otherwise the enterprise may suffer a serious damage without knowing the acquired insights. On top of it, Resecurity applies cutting-edge Data Science, Artificial Intelligence (AI) and Machine Learning (ML) making the data actionable, and the delivery – unparalelled and scalable. Resecurity solutions are SaaS-based and delivered via major cloud marketplaces including Amazon AWS, MSFT Azure and Oracle Cloud,” explains Yoo.

Providing Maximum Value
Resecurity provides both technology and professional services to deliver maximum value. While explaining the value proposition of the company, Yoo recalls an instance when the team assisteda client in face of multi-national corporation that opens a new market/geography (by launching a new product/offering), and immediatly faces with a range of abnormalities likely caused by data leak and/or insider activity. The Client tasked Resecurity to research threat landscape in the new geography, as well as to perform cyber risk assessment of their operations because they had some questions to recently hired staff, but can’t disclose them their doubts due to publicly traded status and possible negative impact on their business profile. Resecurity used a comprehensive approach covering possible internal threat (insider) and external (account/credentials compromise leading to a data leak). “Our HUMINT analysts (targeting specialists) as well as investigators perfomed a ‘deep-dive’ investigation of suspicious activity mentioned by the company, and arranged an extensive profiling of possible internal bad actor who had a dual citizenship and significant network of contacts in semiconductors field in OFAC-listed countries. In addition, using Resecurity RISK (Digital Risk Monitoring) and Context (Threat Intelligence) we were able to acquire knowledge about potentially insecure and already exposed employee accounts which could be also used by bad actors collaborating with insider to extact sensitive data,” adds Yoo.

Combination of these 2 approaches allowed CISO and C-level team to make a strategic decision, and to initiate transfer of potential violator to another unit, limiting his access to sensitive data. Based on further notice, Chief Legal Council made a decision to re-evaluate his activity and terminate his contract after certain period of time – the time was used to analyze his further reaction and communications after his role has been changed. During this time, HUMINT analysts and investigators provided by Resecurity were able to document his communications with potential competitor and to profile the party collaborating to understand their motivation and capabilities. The results of this engagement have been presented to the board (of the Client) and shared with law enforcement agency (LEA) for further coordination in context of possible export control regulation violations and data theft. In the result of this engagement, Fortune 500 company was able to enhance their cybersecurity posture by detecting over 40 employee accounts (belonging to a remote workforce members) as compromised, improve network hygiene, accelerate insider threat detection controls, minimize damage.

The Robust Technology Stack
Resecurity’s team understand the fact that data is the main differentiator, and the “oil” of digital world. That’s the sole reason why the team invests a lot in targeted intelligence acquisition from exclusive sources and human assets represented in Dark Web, underground marketplaces and geographical regions of interest.

This year Resecurity was recognized as a top threat intelligence vendor included in the latest Frost & Sullivan “Global Threat Intelligence Platforms Market 2022” report along with Anomali and Recorded Future. The success was doubled by receiving a “Gold Winner” in 3 categories by Cybersecurity Excellence Awards 2022 – Cyber Threat Intelligence, Threat Hunting and Third-Party Risk Management (TPRM) for North America. The company competitive advantages highlighted in Frost Radar for Threat Intelligence Platforms include strong Human Intelligence (HUMINT) capabilities with global coverage and the largest Dark Web data repository containing billions of indexed historical records and threat actors profiles useful for threat intelligence analysts, cybercrime investigators and risk management professionals.

As a cybersecurity expert, Resecurity provides technology that empowers organizations to reimagine cybersecurity and protect what matters. “Our goal is to drive Platform-as-a-Service (PaaS) model further to new markets and weaponize it with the robust technology stack.

Resecurity operates in North America, Latin America (LATAM), APAC, MENA, Nordics and continues to grow channel-based pipeline of sales internationally with fenomenal growth. Resecurity solutions are SaaS-based and delivered via major cloud marketplaces including Amazon AWS, MSFT Azure and Oracle Cloud. We aim to make our solutions available for enterprise of any size and any market vertical,” concludes Yoo.