Alain de Wolff & Ronen Carmona, BugSec: We help companies build cybersecurity skills
August 2017 by Marc Jacob
BugSec was established in 2005 and specialized in pentest and consulting. Today the company offers services in offensive, defensive and R & D security. It has also set up its own SOC and therefore offers services of Managed SOC. The company that provides services in white label wishes to make its brand more known on the world market. It intends to set up subsidiaries in different countries in Europe, the United States and Asia. Alain de Wolff, Head of Global Sales & Business Development and Ronen Carmona, CEO of BugSec believe that companies need to build cybersecurity skills.
Alain de Wolff
GS Mag : Can you present your company?
Alain de Wolff : BugSec was founded in 2005 by three founders, including a young man of 16 years old, Eyal Gruner which penetrated the largest Israeli bank in order to show them their security weaknesses.
Today, in Israel, we are the leaders in the market, both in size, as well as in number of customers. We are considered the consulting company with the highest technological knowledge in the country.
Our customers are in the public, as well as in the private sector and include ministries, intelligence and law-enforcement agencies, banks, Telkom , ISPs, airline and maritime companies, etc., and in general all the companies that apprehend de risks of cyber security. We also supply consulting services to companies that are themselves active in the cyber security field.
We have a program with the Israeli Ministry of Education that allows students, from the 11th grade, to come and work with us. This gives them the opportunity to increase their competences. This way, as soon as they enter the ranks of the Israeli Army, they will have facilities to be integrated in the army’s cyber security services. For us, everything starts with the young people, as they will be the ones to take control of the cyber security of the countries in the near future.
BugSec develops all its tools and even developed two products in the past – VERSAFE and CYNET – that are today fully independent companies. VERSAFE is a product that was developed for the financial sector and that deals with anti-fraud. It was sold to F5 Networks in 2013. CYNET is an advanced threat detection system that BugSec developed in 2014 in order to detect threats before they could cause damage.
GS Mag : Could you present your services?
Alain de Wolff and Ronen Carmona : Our company is composed of three departments:
Offensive Security : We perform offensive attack simulations for our customers
Defensive Security : We propose security risk analyses on products, systems and entire enterprises
R&D : This department has two divisions :
o Research: we perform research on new types of attacks and vulnerabilities, we develop new tools and do product/solution security analyses in order to determine which ones are provide best protection for our customers.
o "Incident Response": They intervene during cyber events. They investigate the events and perform forensics, malware analysis and reverse engineering.
Due to the fact that we have in-house developers who are known experts in the security field (for example named in the « Google Hall of Fame »), we have the technical and technological capabilities to develop our tools ourselves. It is for this reason that all the tools that BugSec uses in our offensive and defensive departments are tools that have been fully developed in-house by our own development teams.
On top of this, we perform all our tests and simulations manually, which gives us the opportunity to be closer to the specificities of each of our customers.
In the offensive security department, we offer cyber-attack simulations, "red team" simulations, external takeovers, etc. We also perform SWIFT audits, as well as social engineering.
Moreover, we offer product security analyses testing the level of known cyber security platforms. By offering this service to our customers, we investigate to see whether the products is not the source of the problem, if it has been configured correctly, etc. In case the customer doubts between various products, we analyze each of them and give a scoring according to the specific requirements of the customer, taking into account its environment, sector of activities, etc.
Concerning the Swift audit, following the various hacks of 2015 and 2016, Swift is obliging its member banks to elevate their cyber protection. This needs to be done by mid-2018. During the Swift audits, we analyze the security level of the bank, the security level of the Swift module within the bank and finally we perform attack simulations on the Swift system.
On the defensive side, we perform different types of risk analyses.
We take into account the type of company, its context, its subsidiaries, its information system, etc. and perform the tests from threat modeling all the way to architecture review and components hardening.
We have, amongst others, a team of developers that train our customers’ developers in secured development. This means that we teach them to incorporate the security aspect in all stages of the development. Finally, we have a SOC that allows us to offer « managed SOC services » and we assist tour customers in creating their own SOC. This service includes the implementing of the SOC, assisting the customer in the recruitment of its SOC personnel, the writing of the SOC manual, as well as the procedures to operate the SOC.
Our main advantage in the SOC service is the synergy between our three departments. This synergy enables us to better understand how to defend against different types of attacks and to create intelligent correlations between all the security components of the organization, while at the same time reducing the amount of false-positives.
GS Mag : What is your marketing strategy?
Alain de Wolff and Ronen Carmona : Until now, BugSec was performing most of its international projects as a white label company. This means that we were doing the services in the name of someone else. We would like to put the BugSec brand in front of the customers and attack the market directly.
We plan to open subsidiaries in various countries and, as a start, we plan to do this in one or two Western European countries, as well as in the Americas and in Asia. This means that we will have local recruitment of people and thus create jobs.
We would like to continue with the development of our services, particularly the « managed SOC services » and offensive security operations, but also further develop our R&D in order to continue supplying our customers with services that are at the cutting edge of technology and in advance of the cyber criminals and their attacks.