itrust company overview en
Post on 15-Feb-2017
12 Views
Preview:
TRANSCRIPT
1
Cybersecurity Solution Provider
European Leader
LEADERSHIP
CEO & Co-Founder
Jean-Nicolas PiotrowskiFormer BNP Paribas CISO
ITrust, your cybersecurity expert
10 years experience in cybersecurity
35 collaborators and 30 Data Scientists in labs
More than 200 public and private clients
100% growth/year
VP Business
David OferIT Engineer
PhD in Management, HEC
20 years of experience in High tech
business development
CFO & Co-Founder
Henri PiotrowskiSupaéro Engineer, former AIRBUS-ATR CEO
Paris, Toulouse (headquarters), New York,
Colombus, Shanghai (ongoing)
Value proposal
Covers all cybersecurity activities in all sectors
Leading solutions
International
Cybersecurity as a Service
Shareholders and financial aid
100% French simplified joint-stock company / 483.352 € share capital / 3,3 M€ owner equityPrivate and institutional investors (NewAlpha, Nestadio, Crédit Agricole, Caisse d’Epargne)
Supported by the French state: Financial aid through BPI and the Deposits and Consignments Fund (reimboursable R&D financing)
Financing through the « Investment for the Future » programme
Partners
Prizes & Associates
ITrust, your cybersecurity expert
A company worthy of our attention: ITrust declares war on hacking
Translation (FR-EN) of article retrieved from the
<LesEchos.fr> online newspaper & published by Laurent Marcaillou,
Toulouse, 25.02.2015
“ITrust started its missions in IT security withinAirbus, Toulouse, in 2007. With this expertise, theyoung company designed the IKare software, able toscan an information system in order to detectpotential weaknesses and manage security. Launchedin 2012 , this solution minimizes the duration of anaudit concerning an information system. Its saleswere doubled in 2014 after registering roughly 1,030new clients.The enterprise, with only 25 employees, also doubledits turnover to 1,3 million euro and envisions anothertwo-fold increase in its turnover for the year 2015.Among its clients, we will stumble upon giants suchas: Total, Air France, Airbus, Bull [...]”
Articles in pressabout ITrust & its solutions
ITrust presents an unequaled software an European Level
“The Toulouse-based enterprise ITrust, specializedin IT security, is on the verge of unveiling a new, yetto be seen cybersecurity software.ITrust’s CEO, Jean‐Nicolas Piotrowski, was presentat the International Cybercrime Forum to presentthis exciting innovation.Q: Why is your new product considered abreakthrough among existing IT security solutions?R: We’ve been working on IT-Tude for 7 years now:it’s a groundbreaking technology that enablespeople to detect weak signals hinting at unknownviruses, otherwise known as APTs (AdvancedPersistent Threats).”
Translation (FR-EN) of article retrieved from the
<Tribune> online newspaper and published by Valentin Dohin,
29.01.2015
Articles in pressabout ITrust & its solutions
A French security solution on a French cloud
“Developed by the Secure Virtual Cloud(SVC) consortium, this 3-year projectworth 14 mil. Euro is led by theToulouse-based start-up ITrust and nineother partners, of which we willmention the IT Research Institute ofToulouse (IRIT), The System Analysis andArchitecture Laboratory (LAAS) and Bull.Founded in 2007, ITrust distributesIKare, a vulnerability managementsoftware proposed in cloud mode forreal-time monitoring, or throughlicensing bit by bit. Its interest?[...]”
Translation (FR-EN) of article retrieved from the <L’Usine Nouvelle> online
newspaper and published by Ridha Loukll, 20.09.2012
Articles in pressabout ITrust & its solutions
Defence & aero
Bank
Health & pharma
Public sector
Insurance & social protection
Transport & logistics
Education Energy &
utilities
Food industry
Client referencesMore than 100 clients in Europe – 300 000 continuously supervised IPs
15 million stolen credit cards
Target Credit Cards & Customer Info Hacked (2013)
“US discount retailer Target found 40million of its customer accounts werehacked during November 27 andDecember 15, 2013.Across the US, during Black Friday, theTarget stores were targeted andcustomer names, credit cards, debitcards, and CVV values of severalcustomers were hacked. The retailmajor said that other information suchas addresses, PIN, social securitynumbers, etc., were not hackedhowever. “
Extract from the “Recent Hacking Incidents Around the World“ article retrieved from the <MapsOfWorld>
online newspaper , published 01.09.2014
Authorities suspect perpetrator is based in the United States
“According to the LaTribune.fr, The NationalInformation System Security Agency (ANSSI)launched an investigation in order to establishwhether or not Airbus Helicopters fell victim to ahacking incident that might be linked to animportant call for tenders in Poland. The onlinenewspaper quotes relevant sources whenindicating that the perpetrator is most likelybased in the United States. The Americancompanies Sikorsky and Boeing are at the presentmoment involved in a full-blown commercialbattle on Polish territory with the Europeanmanufacturer. [...]”
Translation (FR-EN) of article retrieved from the <L’Usine
Digitale> online newspaper and published by Julien Bonnet,
13.11.2014
Airbus Helicopters, victim of a cyber-attack
Biggest heist of the centuryhits the banking sector
“A band of Russian, Ukrainian and Chinesecriminals discovered a way to hack intoseveral banking institutions by infiltratingtheir networks. The losses recorded afterthe attacks, which were launched in 2013and continue to this day, amount to abillion euro.We are potentially witnessing the biggestheist of the century. The RussianCybersecurity Expert, Kaspersky, releasedMonday a report revealing that, since2013, over a hundred banks had beenhacked by 2.0 thieves.”
Translation (FR-EN) of article retrieved from the
<FranceSoir.fr> online newspaper and published 16.02.2015
Banks: more than a billion dollars stolen by hackers
Sony Pictures Hack: Co-chairmain Amy Pascal resigns
“Amy Pascal, Co-chairman of Sony Pictures,finally announced her resignation.The group was hacked at the end ofNovember and the attackers leaked someof Mrs. Pascal’s emails, containing racistcontent directed towards President BarackObama.Having tarnished the studio’s reputation,the scandal quickly reached internationalproportions. In other words, the Co-chairman’s departure was to be expected.”
Translation (FR-EN) of article retrieved from the
<LePoint> online newspaper and published 05.02.2015
Hacking & its human consequences
Cybersecurity Solution ProviderExpertise – Products – Security Operations Center
EXPERTISE
Expertise
Consulting
Pentest
Darknet
Training
This is the core business of ITrust.
Our Security Consultants test the
resistance of your architecture, be
it externally or internally, and
accompany you in order to help
you secure your computer network
in the long term.
SOLUTIONS
vulnerability scanner
behavioral analytics
framework & AI
Our engineers are constantly
developing new tools to facilitate
the management, analysis and
understanding of vulnerabilities
and cyber attacks.
SOC as a Service
Managed and/or
SaaS and/or
OEM and/or
On Premise and/or
ITrust manages the entire security
process of companies that wish to
outsource their cybersecurity.
Our Security Operations Center
integrates advanced reporting and is
based on our two leading products.
Vulnerability managementRisk & Report
Vulnerability scanning tool
The implementation of IKare can lead to a 90% reduction of
vulnerabilities on the network it is deployed on. 90% is also
the rate of success of our penetration tests (auditing)
performed at our clients. IKare allows the identification and
correction of their security flaws.
TOP 10 uncovered Covered
security flaws by IKare
“Wordy” systems
Weak passwords
Permissions and access rights
Inter-domain trust
Databases
with default passwords
“Wordy” DNS serves
Sharing confidential files
Poorly configured
protocols
Abandoned development
servers
Non-rectified known vulnerabilities
Vulnerability coverage rate of the
top 10 vulnerability by technology type:
99% of security flaws could be easily rectified...
…but these issues cannot be addressed by an antivirus & firewalls!
IKare –Positioning
Automated Vulnerability & Security Audit tool
Values Accessible and intuitive
Simple and modern
Tailored reporting to management
Best practices
The fruit of the cybersecurity experience of our consultants
Why? ALM : Up-to-date systems
IT : Supervision and Dashboard
DG : Risk Assesment - legal
Use Virtual machine or server in your information system
Cloud mode: from ITrust servers
Ready to deploy and operational in a few minutes
Deployement No agents needed for installation
Automated network discovery
Ready to integrate in the information system
Assets French Cloud (not restricted by the Patriot Act)
Service and proximity
R&D with LaaS, IRIT and TSoE
IKare Vulnerability Management Product positioning
• Vulnerability audit in real-time
• Proactive security issues identification
• Infrastructure and applications automated discovery
• Correlation and supervisionVulnerability detection becomes more reliable. These engines limit the number of false positives and allowthe detection of abnormal behaviors.
• Responsibility area determination
• Security alerts
• Virtual groups ensuring decision-making concerning security
• Trending, security evolution in time
• Business unit management
IKare functions
IKare: simple & intuitive interface
A major breakthrough
“BEHAVIORAL ANALYSIS IS THE MOST PLAUSIBLE SOLUTION FOR UNKNOWN VIRUS”NSA VICE CHAIRMAN 2012
“The next Pearl Harbor we might beconfronted with could very well be a
cyber attack”– Leon Panetta, US Secretary of Defense& former CIA Director (August 2011Senate Hearing)
Behavioral analysis can boost cybersecurity
“Behavioral analysis is the most plausible solution for unknown viruses”
– NSA Director , 2012
21
A groundbreaking technology
• Protects your infrastructures against APTs, viruses & unknown attacks
• Detects malicious behaviors within your information system
• Identifies weak signals in order to anticipate performance problems,
but is also capable of identifying stealth attacks
• Avoids data extraction
• Avoids resource depletion within your information system
ReveeliumAnomaly Detection Platform
Reveelium is a complete anomaly detection and prevention platform:
It relies on your existing infrastructures (« Plug and play »);
Automatically detects, analyses and prioritizes anomalies, grading them according to their potential risk;
Predicts performance or security issues with the use of machine
learning technologies.
ReveeliumProduct principle
1. A weak signal analysisbuilt on our research and partnerships with mathematical laboratories.
2. A logical correlatorbuilt on the experience of our engineers and security consultants.
3. A shared knowledge base
Reveelium is a unique combination of 3 scanning engines:
An innovating 3D-technology
• What is an anomaly?– Weird condition/nonsensical sample/deviation from the norm
– Data inconsistency not matching with any normal behavior
(either observed or learned)
• How do we detect it?– By using Machine Learning technologies
– By building profiles of normal behaviors
– By identifying deviations from the norm
Anomaly detection
Machine learning
Huge data volumes learning
Normal behaviors learning with a minimum of human interaction
& Statistical and preventive analysis
Validating learning
Identifying nonsensical / missing samples
Identifying seasonalities
Identifying abnormal behaviors
Reveelium engines
is not a new concept, but Reveelium repurposes it in thescope of automatic learning applied to supervised systems.
Learning VS correlation…
… why not use both,
for better qualified results:
• Eliminating false positives
• Correlating external data sources
in order to fine-tune the decision-making process
• System expert
Post-treatment results
Anomaly detection engines
Reveelium: APT Threat ModuleUse case demonstration
Reveelium: APT Threat ModuleUse case demonstration
Plugin SIEM or through application
VM Standalone
External VM SaaS or on the premisesCovers the entire supervision platform: logging, log correlation, alert correlation
POC Model
Similar to a plugin for enterprise applications, journals, XML data, meant to search for professional anomalies and all abnormal behaviors alike (AS, IAM, Messaging…)
Plug and play on a supervision platform
No need to be a security consultant or Data Scientist!
can be delivered through private or public cloud by
Saas or OnPremise
Delivery models
• Risk management policies
• Justifying the existence of a cyber attack
• Ability to assess proof for a filed complaint
• Security level history up until the moment of the attack
• Legal investigation – forensic computing
• Cyber-insurance
• Limited criminal risk
• Pro-active defense process
Legal outlook
Thank you
Contact
ITrust Headquarters
55 Avenue l’Occitane, BP 67303
31673 Labege Cedex
Telephone: +33 (0)5 67 34 67 80
Email: sales@itrust.fr
International Office:
24 rue Firmin Gillot
75015 Paris
www.itrust.fr/en
www.ikare-monitoring.com
www.reveelium.com/en
top related