Area 1 Security

Type Subsidiary
Industry Information security
Founded 2013
Founders
  • Oren Falkowitz
  • Phil Syme
  • Blake Darché
Headquarters Redwood City, California, U.S.
Products Area 1 Horizon
Parent Cloudflare
Website www.area1security.com

Area 1 Security, Inc. was an American cybersecurity company based in Redwood City, California [1] which merged into Cloudflare in February 2022. [2]

History

Area 1 was incorporated in 2013 by Oren Falkowitz, Blake Darché, and Phil Syme, previously employees of the U.S. National Security Agency. [3] The company received venture capital financing led by Kleiner Perkins. [4]

In December 2018, Area 1 identified a Chinese government cyber campaign targeting more than 100 intergovernmental organizations, ministries of foreign affairs, ministries of finance, trade unions, and think tanks, which included breach of the European Union diplomatic communications network. [5]

In January 2020, Area 1 revealed a Russian government phishing campaign targeting Burisma Holdings and its subsidiaries. [6]

In February 2022, Cloudflare announced plans to acquire Area 1 for $162 million in a cash and stock deal. [7]

Service

Area 1 Horizon is a cloud-based service intended to mitigate phishing, ransomware, malware, watering holes, malvertising, and other social engineering threats, across email, web, and network, at the edge or in the cloud. [8] The service is based on "a network of sensors on web servers around the globe, many known to be used by state-sponsored hackers." [9]

Awards and recognition

Area 1 was named a Cool Vendor by Gartner in 2016, [10] listed among "20 Rising Stars" of the Cloud 100 by Forbes [11] and recognized by the San Francisco Business Times as a "Best Place to Work" in 2017, [12] and received the Google Cloud Global Technology Partner of the Year Award for Security in 2018. [13]

In 2019, the Federal Election Commission ruled in AO 2019-12 that Area 1 could "offer its services to federal candidates and political committees at the same 'low or no cost' tier that it offers to all qualified customers without making an impermissible in-kind contribution". [14]

References

  1. Nakashima, Ellen (January 13, 2020). "Russian spies hacked Ukrainian gas company at heart of Trump impeachment trial, company says". The Washington Post.
  2. Dillet, Romain (February 24, 2022). "Cloudflare to acquire Area 1 Security, a startup that blocks phishing emails". TechCrunch.
  3. Perlroth, Nicole (10/12/2016). "A Computer Security Start-Up Turns the Tables on Hackers". The New York Times. Retrieved 2018-03-27.
  4. Hackett, Robert (10/14/2015). "Area 1 Security raises $15 million from Icon Ventures and Kleiner Perkins". Fortune. Retrieved 2018-03-27.
  5. Sanger, David (12/18/2018). "Hacked European Cables Reveal a World of Anxiety About Trump, Russia and Iran". The New York Times. Retrieved 2019-10-11.
  6. Perlroth, Nicole (1/13/2020). "Russians Hacked Ukrainian Gas Company at Center of Impeachment". The New York Times. Retrieved 2020-01-13.
  7. Vallurupalli, Daniella (February 23, 2022). "Cloudflare to Acquire Area 1 Security to Expand Its Zero Trust Platform". Cloudflare. Retrieved July 7, 2023.
  8. Musthaler, Linda (5/30/2017). "Area 1 Security stops phishing campaigns before they become attacks". NETWORKWORLD from IDG. Retrieved 2018-03-27.
  9. Perlroth, Nicole; Rosenberg, Matthew (2020-01-13). "Russians Hacked Ukrainian Gas Company at Center of Impeachment". The New York Times. ISSN 0362-4331. Retrieved 2020-01-14.
  10. "Cool Vendors in Security Threat Intelligence, 2016". Gartner. Retrieved 2018-03-27.
  11. InTheCloud (7/11/17). "Forbes 20 Rising Stars Cloud 100". Forbes. Retrieved 2018-03-27.
  12. "Here are the winners for this year's Best Places to Work". San Francisco Business Times. Retrieved 2018-03-27.
  13. "2018 Google Cloud Partner of the Year Awards". 2018 Google Cloud Partner of the Year Awards. Retrieved 2019-10-11.
  14. Federal Elections Commission (07/15/2019). "AO 2019-12: Area 1 Security may offer committees cybersecurity services at little or no cost". The Federal Elections Commission. Retrieved 2019-10-11.