Threat HUNTing Platform
Credential Risk Assessment and Remediation
ORKOS: Preventing the 9 steps to domain collapse
R9B understands the cognitive aspects of cyber operations. Our curriculum provides the hands-on technical skills students require to attain a variety of advanced cybersecurity qualifications. We instill the knowledge, skills, and abilities necessary for our students to defeat the adversary. Below are our available courses. Please check back often as our course offerings are updated regularly. Government organizations, please contact R9B directly via training@root9B.com for pricing and purchasing information.
root9B, a leading provider of advanced cybersecurity services and tailored active defense capabilities, announced today the development of Orkos, a revolutionary product to identify critical credential theft risks in organizational networks. root9B is a root9B Technologies company (OTCMKTS: RTNB).
Major network breaches follow a pattern of three phases – attackers first exploit a vulnerable system; then steal credentials granting them access to thousands more systems; and then use the stolen credentials to deploy malware across an enterprise and steal critical information or destroy systems.
“In a large organization, no matter how thorough the security team, you have to assume attackers will be able to compromise at least one server or one workstation,” said Matt Weeks, root9B’s Director of Emerging Technologies. “The greatest weakness of enterprise networks is in the second phase; the credential exposure that leads to total network compromise.”
Today, organizations spend millions of dollars on products and services aiming to stop cyber attackers from exploiting systems in the first phase and detecting malware in the third phase. This approach does not address the second phase – a large credential risk gap that dramatically increases the impact of compromise.
“A credential assessment should be just as important as a vulnerability report for audit committees, and executives charged with compliance and cyber insurance responsibility,” Mr. Weeks added. “We are seeing increasing interest from the PCI, Government, Healthcare, and other sectors.”
Orkos, root9B’s credential assessment capability, combines comprehensive data collection, advanced logic, and cutting-edge visualization to identify the critical links attackers will exploit in a major breach. It identifies not only immediate risks, but higher-order effects, showing the total risk of credential theft. Orkos also supports remediation through simulation of network changes that would prevent an attacker from compromising additional systems with stolen credentials. Orkos was designed to find and mitigate the types of dangers vividly illustrated by the recent Target and Sands breaches.
root9B’s Emerging Technologies Directorate maintains a world-class team of research and development engineers that prototype, refine, and deploy new technology solutions for network defense, including vulnerability and credential risk assessments and mitigation strategies. root9B operators, threat analysts, and engineers execute active adversary pursuit, network threat detection, and risk mitigation services with a unique set of advanced tools.
Matt Weeks presented and demonstrated this new root9B product offering at the annual applied security conference in Vancouver, CanSecWest 2015.
Orkos is expected to be released in Summer 2015.
BACK TO NEWSROOM