Freely subscribe to our NEWSLETTER

Global Security Mag: What will you present at ITSA?

Mirko Bulles : We are showcasing our Unified Asset Visibility & Security Platform. We are detecting and managing assets in IT, IoT, IIoT, IoMT and OT environments. During proof of concepts we usually find a lot more assets in these environments than the companies that ask us to do so, this is not only a surprise to them, but also a huge threat, because you cannot protect what you can’t see or don’t know you have in terms of company assets. In June we added Asset Vulnerability Management (AVM) to our product portfolio. Our platform is now available via Google Cloud and since October via AWS. We had recently signed technology partnerships with SentinelOne and Illumio. Furthermore, we just introduced our APEX Manage program for resellers. it-sa is a perfect opportunity for us to meet not only existing and potential customers, but also existing and potential reseller partners.

GS Mag: What are the main threats you have identified this year?

Mirko Bulles : We have a dedicated research team within our organization that is constantly looking for vulnerabilities in devices. Earlier this year they discovered TLStorm 2.0, which are five critical vulnerabilities in the implementation of TLS security protocols in multiple models of network switches. The vulnerabilities stem from a similar design flaw identified in the TLStorm vulnerabilities, expanding the reach of TLStorm to millions of additional enterprise-grade network infrastructure devices. In March 2022, Armis first disclosed TLStorm, three critical vulnerabilities in APC Smart-UPS devices. The vulnerabilities allowed attackers to gain control of Smart-UPS devices from the internet with no user interaction, resulting in the UPS overloading and eventually destroying itself in a cloud of smoke. The root cause for these vulnerabilities was a misuse of NanoSSL, a popular TLS library by Mocana.

The main threats are of course supply chain attacks and attacks caused by APT groups. We’ve seen attacks on hospitals that are among the critical infrastructures quite a lot during the year and also in the energy sector.

GS Mag: What about the needs of companies?

Mirko Bulles : Companies, especially critical infrastructures, need to protect themselves against cyber attacks, especially APT attacks. They need to know all their assets to prove on a regular basis that they are secure, but most organizations don’t know how many assets they have and where and what type. That is an issue, because they can’t protect their attack surface when they don’t know it.

GS Mag: How will your strategy evolve to address these issues?

Mirko Bulles : We are constantly evolving our products due to the needs of our customers and in regards to the ever evolving threat landscape, which for example led to the introduction of AVM in summer.

GS Mag: What advice do you have in this area, and more generally to limit the risks?

Mirko Bulles : 1. Quickly discover all assets that need to be patched or protected from exploit attempts to plan and prioritize mitigation efforts. Our solution not only detects the existence of these devices on the network, it can also provide valuable data about the device owner and physical location to expedite mitigation efforts.
2. Detect exploit attempts in real-time and orchestrate the response through integrations with the IT and security tech stack.
3. Continue to track the long tail of ‘still to be patched’ assets, and new assets that might be vulnerable. Ensure these assets aren’t targeted by exploit attempts at any time, and do not pose a threat to your network.

GS Mag: Finally, what message would you like to convey to our readers?

Mirko Bulles : Visibility is the key to security.