Nyotron

Industry: Computer security
Founders: Nir Gaist, Ofer Gaist
Founded: 2009
Headquarters: U.S.

Nyotron is an information-security company. It was established in 2009 by brothers Nir and Ofer Gaist. Nir Gaist is the CTO, and Sagit Manor (a former executive at Verifone) became the CEO in 2017. The company is based in Santa Clara, CA, with an R&D office in Herzliya, Israel.

History

In 2006, 18-year-old Nir Gaist created the original concept for the technology that became Nyotron's flagship product, Paranoid. In 2007, he and Ofer traveled to Bucharest, Romania, to develop the prototype in partnership with Matrix Rom. [1]

In 2008 he returned to Israel seeking support from investors. [2] Major General (ret.) Amos Malka, former director of intelligence of the IDF, was among the first investors and served as Nyotron's first chairman of the board.

In 2014, the first official version of Paranoid was shipped. In 2016, Nyotron moved its headquarters to Santa Clara, CA. The company launched the Global War Room SOC console in 2017 and began offering Paranoid as a service. This "Managed Detection and Response" (MDR) service provided a solution for companies that require protection against advanced attackers and unknown threats but have limited security staff.

In 2018, Nyotron signed a distribution agreement with Ingram Micro. The company published an in-depth research report on the activities of the OilRig nation-state actor [3] (aka APT34). Nyotron also joined the Anti-Malware Testing Standards Organization (AMTSO). [4]

Paranoid Technology

Paranoid's anti-malware and Endpoint Detection and Response (EDR) technology is grounded in three realizations:

Nyotron created a map of the known good behavior of the operating system in the areas where malicious activity would attempt access, such as file systems, process and thread management, networking and registry, and partition modification. This approach is called OS-Centric Positive Security, or automatic OS behavior whitelisting. The language used for describing these “maps” is called Behavior Patterns Mapping (BPM). [5] This patented [6] language does not require machine learning/artificial intelligence or any other statistical or math-based algorithm. Instead, it is deterministic. Its algorithm's complexity is O(1), which means the performance doesn't degrade with the volume of input.

As its OS-Centric Positive Security approach focuses only on the “good” behavior of the operating system, Paranoid detects and blocks both known and unknown malware (including zero-day exploits). The company calls this “threat-agnostic defense”.

In addition to protection, Paranoid provides visibility into the attack's timelines, root cause and attacker's methods (TTPs).

Funding

In 2015 the company raised $10 million from Mivtach Shamir Holdings and other investors. [7] In 2017, $21 million was raised by Douglas and Sandra Bergeron, founders of DGB Investments, with other investors. [8] In 2018 Ingram Micro made a strategic investment of $10 million. [9]

Certifications, reviews and awards

In July 2017, Paranoid was a part of SC Magazine's Endpoint Security Group Test and received 5 out of 5 stars. The publication stated, “from the perspective of breadth and depth of analytical capability, it is one of the best, if not the best, displays of its type that we have ever seen.” [10]

In September 2017, Nyotron was labeled as a “Vendor to Watch” by Enterprise Management Associates. Nyotron was also named as a Top 50 Cyber Security Leader of 2017 by Cyber Defense magazine. [11]

In 2018, Paranoid was named “The Innovator in Endpoint Security for 2018” by Cyber Defense. [12]

In September 2018, IT Central Station released a review of Paranoid, giving it 4 out of a possible 5 stars, stating “All the ransomware that is now happening in many companies, this product is a solution for that. Ransomware is like a virus and transforms - it's changing every day. This product really is the best solution for this security issue. It's protecting the end-point from a ransomware threat.” [13]

In October 2018, ICSA Labs released a report, stating Nyotron's Paranoid was ICSA Labs certified in Advanced Threat Defense. The report goes on to say that Nyotron detected 100% of the 441 malicious samples tested, and had only 1 false positive out of 721 innocuous apps in the test. [14]

In February 2019, Nyotron won silver Cybersecurity Excellence Awards in the categories of Most Innovative Cybersecurity Company [15] and Advanced Persistent Threat Protection. [16]

In February 2021, the company's "Vaccine for Ransomware" spam campaign caused recipients to submit the sending emails & domains to Microsoft as spam.

References

  1. "Matrix Rom". Matrix Rom.
  2. Kepes, Ben (12 January 2017). "Nyotron launches to 'secure the world.' Simple, eh?". Network World. IDG Communications. Retrieved 27 February 2019.
  3. Seals, Tara (21 March 2018). "OilRig APT Significantly Evolves in Latest Critical Infrastructure Attacks". Infosecurity Magazine. Reed Exhibitions. Retrieved 27 February 2019.
  4. "Members". AMTSO. Retrieved 2019-07-09.
  5. Shamah, David. "Nyotron's Paranoid technology stops viruses – before they're born". The Times of Israel. Retrieved 27 February 2019.
  6. "Patents Assigned to Nyotron Information Security, Ltd". Justia Patents. Retrieved 27 February 2019.
  7. Ziv, Amitai. "Cyber Nyotron Raised $10 Million led by Mivtach Shamir". TheMarker. Retrieved 27 February 2019.
  8. Schubarth, Cromwell. "Santa Clara security startup raises $21M, names ex-McAfee exec as CEO". Silicon Valley Business Journal. American City Business Journals. Retrieved 27 February 2019.
  9. Marinova, Polina. "Term Sheet -- Friday, October 12". Fortune. Fortune Media. Retrieved 27 February 2019.
  10. Stephenson, Peter (5 July 2017). "Nyotron PARANOID". SC Magazine. SC Media. Retrieved 27 February 2019.
  11. "Cyber Security 2017 CDM Leader". Cyber Defense Magazine. Cyber Defense Media Group. 23 May 2017. Retrieved 27 February 2019.
  12. "InfoSec Awards 2018 – Winners". Cyber Defense Magazine. 12 April 2018. Retrieved 27 February 2019.
  13. Amir, Ilan. "NYOTRON PARANOID REVIEW Prevents Harm To The OS, And Gives Visibility To The User And Administrator". IT Central Station. Retrieved 27 February 2019.
  14. "Q3 2018 Advanced Threat Defense Certification Testing Report" (PDF). ICSA Labs. Retrieved 27 February 2019.
  15. "2019 Cybersecurity Company Awards – Winners and Finalists". Cybersecurity Excellence Awards. 20 February 2019. Retrieved 27 February 2019.
  16. "2019 Cybersecurity Product Awards – Winners and Finalists". Cybersecurity Excellence Awards. 8 February 2019. Retrieved 27 February 2019.