CybersecAsia Reader's Choice Awards 2024

Brief description of solution/service

Sumsub is an AI-powered verification platform to secure the whole user journey. With Sumsub’s customizable KYC, KYB, transaction monitoring and fraud prevention solutions, you can orchestrate your verification process, welcome more customers worldwide, meet compliance requirements, reduce costs and protect your business.

What security-related issues did your organization desire to address with this solution/service

Sumsub's upgraded Fraud Prevention Solution addresses the surge of deepfake technology and escalating cyber threats in APAC, including Singapore. It targets fraud networks' rise with advanced technologies like machine learning algorithms and a unique fraudster database. The solution equips businesses to detect and combat fraud effectively, with a multi-layered approach and enhanced capabilities for fraud network detection. This proactive defense safeguards businesses and users from evolving threats across digital platforms, offering a fortified defense against account takeovers, chargeback fraud, bot attacks, and more.

What technologies and/or innovations are applied/deployed in this solution/service?

Sumsub's Fraud Prevention Solution employs cutting-edge technologies and innovations to combat fraud effectively. These include machine learning algorithms, a unique fraudster database, multi-layered fraud detection approaches, and advanced capabilities for fraud network detection. Additionally, the solution utilizes Identity Verification, Behavioural Intelligence, Device Fingerprinting, Fraud Risk Scoring, Deepfake Detection, Email and Phone Risk Assessment, and AI-based Event Monitoring to identify and mitigate various types of fraud across digital platforms.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Sumsub's Fraud Prevention Solution surpasses traditional anti-fraud and KYC methods, providing robust protection against diverse fraud types like account theft, romance scams, and payment fraud. It fosters user and regulatory trust while catering to the specific requirements of fintech, e-commerce, iGaming, online media, and marketplace businesses. Cases: DTCPay. You can learn more about our clients/cases and results here: https://sumsub.com/customers/

Vectra Website

Brief description of solution/service

Vectra AI is the leader in hybrid attack detection, investigation and response. The Vectra AI Platform with patented Attack Signal Intelligence™ uses behavior-based AI to defend against cyber-attackers – empowering security operations center (SOC) teams to rapidly detect, prioritize, investigate and fight cyber-attacks, including GenAI attacks with AI. With 35 patents in AI behavior-based threat detection across data center and public cloud networks, services, identities, and SaaS applications, coverage for more than 90% of MITRE ATT&CK and the most vendor references by MITRE D3FEND, organizations worldwide rely on Vectra AI to find cyber-attacks other tech can’t.

What security-related issues did your organization desire to address with this solution/service

GenAI attacks: Vectra AI Attack Signal Intelligence uses behavior-based AI to defend against cyber attackers abusing GenAI – empowering SOC teams to fight GenAI attacks with AI at speed and scale.

Hybrid cloud attacks: Vectra AI arms defenders with the right coverage, clarity and control powered by the only AI-driven threat detection and response platform purpose-built to move at the speed of hybrid cloud attacks.

Spear phishing: Secure web gateway, firewalls, IPS and other tools may not stop threat actors from gaining access. Vectra AI keeps them from progressing by automatically correlating detections across each attack surface.

What technologies and/or innovations are applied/deployed in this solution/service?

The Vectra AI Platform harnesses AI and machine learning (ML) to detect threats across network, identity, cloud, SaaS and GenAI attack surfaces. Attack Signal Intelligence triages, correlates and prioritizes threats with accuracy so SOC defenders can isolate and contain real attacks in minutes. With the addition of GenAI coverage, the Vectra AI Platform equips SOC teams to see and stop emerging attacker techniques that abuse GenAI tools. The Vectra AI Platform now detects attackers that compromise an identity and abuse Microsoft Copilot for M365 to execute their attacks and gain access to sensitive applications and data in minutes.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Vectra AI has deployments across all industry verticals – from Finance, Manufacturing, Software, Critical Infrastructure and Telco – which we have significant market share.

CPG Corporation prioritizes its network’s defenses with Vectra AI for real-time visibility to proactively mitigate risk. Vectra AI’s intelligent threat detection technology enables its cyber team to adopt the mindset of an attacker, understand attacker behavior, and analyze detection patterns unique to its environment. Vectra AI’s advanced security also identifies potential attacks in real time, helping them prioritize and reduce alert noise. This allows its security teams to focus their efforts where it matters most – addressing threats based on severity.
Globe Telecom a major telco in the Philippines have been using Vectra AI to identify attacker behavior within their network and helping them to achieve 2-3 hour MTTR (the average time it takes to recover from a system or product failure once it has been discovered).
Thailand’s leading digital transformation enabler, True Digital Group uses Vectra AI to find clarity in the noise by optimizing their ability to filter and reduce high levels of threats, while enabling its security team to only focus on critical incidents.

BlueVoyant Website

Brief description of solution/service

BlueVoyant’s Managed Detection & Response (MDR) combines clients' existing security products with advanced technology and human-led expertise from its global Security Operations Center (SOC), which monitors clients’ networks 24x7. Clients have a cloud-based security solution that illuminates, validates, and quickly mitigates today’s internal and external threats. BlueVoyant combines extended detection and response (XDR) and security information and event management (SIEM) monitoring and management to detect and respond to security threats across a wide variety of data sources before they cause harm to the business.

What security-related issues did your organization desire to address with this solution/service

Many enterprises struggle with their cyber defence posture due to the need to manage a large number of tools in their security stack. Organisations are looking for an MDR solution that allows them to be closer to their own security data so that when a SOC Analyst, Threat Hunter, or Content Engineer needs to access data, they can work with their data directly, and not be intermediated by an MDR provider’s portal.

BlueVoyant’s evolved approach to MDR applies our data science and security expertise to help clients collect, normalise, rationalise, and access their own data, within their own tools.

What technologies and/or innovations are applied/deployed in this solution/service?

Supply Chain Defense - A solution for holistic third-party cyber risk management needs. BlueVoyant’s end-to-end solution features expert curated risk monitoring and directed remediation. Additional capabilities include a highly customizable questionnaire management platform, multiple levels of continuous monitoring for different tiers of vendors, and point-in-time vendor risk assessments to support procurement and M&A decisions.
DRP: Scan and Protect - BlueVoyant identifies and validates threats targeting the organization, providing actionable countermeasures to eliminate threats to your brand, employees, and customers. Our solution equips your team with visibility beyond the perimeter, continuously monitoring exclusive threat data sources.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Trusted by more than 900 clients in 40-plus countries worldwide, BlueVoyant’s presence in APJ continues to grow following the company’s expansion in APJ in 2022, offering comprehensive cyber risk protection to organisations in diverse sectors.

A current BlueVoyant customer is SGX-listed Seatrium, a global player with deep engineering expertise in the offshore, marine and energy industries.

Poh Leng Wee, Chief Information Security Officer, Seatrium: “Seatrium enhances its cyber defense by integrating BlueVoyant's MDR solution, which combines human expertise with automation and AI technology. This strategic alliance provides access to advanced platforms and seasoned security experts, utilizing AI to accelerate threat detection and response. The adoption of this AI-augmented MDR solution not only streamlines our security operations but also strengthens stakeholder confidence in our resilient and proactive security posture.”

ExtraHop Website

Brief description of solution/service

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. With customers representing nearly a quarter of the Fortune 100, the RevealX platform is the only Network Detection and Response (NDR) solution that delivers the 360-degree network visibility needed to expose the unknown, uncover more threats, and move at the speed of risk. Named a Leader in The Forrester Wave™: Network Analysis And Visibility, ExtraHop helps analysts investigate and stop threats faster, offering significant improvements in time to detect (83%), investigate and resolve threats (87%) (via Forrester).

What security-related issues did your organization desire to address with this solution/service

Adversaries are increasingly finding ways to circumvent traditional cybersecurity controls like firewalls, SIEM, and EDR, hiding in encrypted east-west network traffic; using living-off-the-land techniques; and exploiting devices that organizations can’t put an endpoint agent on.

RevealX, ExtraHop’s NDR platform, harnesses the power of the network, which sees everything, shows everything, and cannot be evaded - leaving attackers nowhere to hide.

RevealX ingests, monitors, and analyzes network data in real-time, giving enterprises unparalleled visibility into all of their east-west, north-south network traffic. When attackers bypass all other security controls, RevealX quickly catches anomalous behaviours that signal early stage attacks like ransomware.

What technologies and/or innovations are applied/deployed in this solution/service?

With 70+ patents, AI is a key technology built into RevealX since day one, generating millions of predictive models specific to customers to detect anomalous and suspicious behaviors as they occur. By applying AI to layers of network telemetry, the platform can quickly identify all devices on the network, and detect, investigate, and respond to threats like double-extortion ransomware.

Against the backdrop of widening threat landscapes, ExtraHop also recently launched a first-of-its-kind AI Search Assistant, accelerating threat hunting for resource-strapped SOC analysts via a generative AI-powered natural language search assistant.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Leading financial institutions in the Asia Pacific region deploy RevealX to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and alert fatigue caused by a widening threat landscape. Because of regulations, multiple networks within the same financial enterprise tend to be isolated from each other, making it difficult to see what is happening, or who is hiding, in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, data centers, and remote sites, so they can catch cyberattacks before it's too late.

ExtraHop also works with leading manufacturers by protecting modernized shop floors with sophisticated OT networks. Modern manufacturers depend on equipment that requires constant connectivity and must avoid any costly downtime that comes as a result of cyber incidents. With visibility across connected, distributed environments and critical systems, RevealX monitors all devices and equipment within a manufacturer’s facilities and is able to isolate equipment issues and vulnerabilities very quickly, limiting downtime.

KnowBe4 Website

Brief description of solution/service

KnowBe4 is the provider of the world’s largest Security Awareness Training and simulated phishing platform that helps organizations manage the ongoing problem of social engineering. KnowBe4’s AI-native platform, Artificial Intelligence Defense Agents, AIDA, enables long term culture change and human risk reduction. AIDA represents a significant step forward in safeguarding users against the malicious use of AI by cybercriminals. AIDA enables organisations to automate the dynamic selection of security awareness training and testing to give users a more individualised learning experience that adapts to their specific roles, current level of knowledge, phishing and training performance history and risk factors.

What security-related issues did your organization desire to address with this solution/service

As advances like AI add complexity to cybercrime, it is critical for all industries, especially those heavily targeted by cybercriminals, to prioritise security culture and invest appropriately, particularly in reducing human-based risk.

New-school security awareness training is a key component of prevention. Regular training with repeated simulated phishing tests keeps employees on their toes in the short term and helps inoculate the entire organisation with a resilient security culture in the long term.

As cybercriminals increasingly leverage AI, KnowBe4’s AI-enabled technologies are positioned to enhance security measures and strengthen defences of organisations against all types of attacks.

What technologies and/or innovations are applied/deployed in this solution/service?

AI-Driven Phishing - KnowBe4’s AIDA offers a recommendation engine enabling organisations to automate the dynamic selection of unique phishing security test templates for their users. AI-Driven Phishing is a great way to enhance your remedial training efforts for users who routinely fail phishing tests, or have a low volume of user reported messages using the Phish Alert Button. AI-Recommended Optional Learning - Using data from AIDA, a recommendation engine allows you to automatically serve up relevant and optional learning content for users based on each user’s engagement with their assigned security awareness training and previous course completions.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Since 2023, Lumen Technologies has partnered with security awareness training provider KnowBe4 to drive cyber awareness and strengthen ‘security culture’ across organisations in the Asia Pacific region. Customers tap into KnowBe4’s offering, the security awareness training and simulated phishing platform, as a managed service. They aim to enable customers to identify gaps in security knowledge across the organisation and train and prepare employees to handle cybersecurity risks. Reviews from customers in APAC reported the main drivers for adoption of the KnowBe4 platform were to improve compliance and risk management, drive innovation and provide a security solution that delivered results across the whole business. "The automation tools that KnowBe4 provides, such as Smart Groups, Phishing Campaigns, Training Campaigns, and the AIDA (Artificial Intelligence) drastically reduce admin required time in managing the awareness program." Chris R

"The new AI-driven emails have really stepped up our training. We use them to simulate much more realistic phishing campaigns. I think our users had really gotten to where they could easily spot a phishing email, but now they have to try a lot harder. With the real threats getting better and better, the AI phishing has been a real help." Jack White, Stirling Equipment

F5 Website

Brief description of solution/service

F5 Distributed Cloud Services is our customers’ secret weapon to simplifying multi-cloud complexity. The SaaS-based security, networking, and application management services makes it possible to deploy, secure, and operate their applications in a cloud-native environment wherever needed — data center, multi-cloud, network or enterprise edge.

This comprehensive suite is a critical tool for delivering modern applications with unparalleled performance, scalability, and security. It has enabled enterprises to accelerate time-to-service, lower total cost of ownership (TCO), and increase security efficacy on a cloud-native platform that is fully integrated across a single policy engine and management console.

What security-related issues did your organization desire to address with this solution/service

In an increasingly hybrid multi-cloud world, businesses are grappling with a growing number of applications across diverse IT environments. Such complexity hinders them with an increasing lack of visibility, putting performance, service availability, and customer experience at risk.

Moreover, as enterprises expand operations across multiple environments, cybercriminals are also able to leverage several fronts of attack. The ever-expanding network of APIs that connects applications has also become prime targets for cybercriminals looking to breach cloud infrastructures.

F5 Distributed Cloud Services simplifies all of this, while protecting applications in real time, all from a single platform.

What technologies and/or innovations are applied/deployed in this solution/service?

F5 Distributed Cloud Services leverages AI and machine learning (ML) to realize broad application security from a single SaaS-based platform. Our industry-leading Web Application Firewall (WAF) uses AI/ML detection techniques with automatic signature tuning to easily defend against known threats and suspicious behavior.

Distributed Cloud API Security also uses AI/ML to identify shadow APIs and block attacks in real time. Users gain visibility over all APIs and can integrate security into the API lifecycle process, monitor traffic, and automatically generate policies. The SaaS-based portal also makes it easy to review threat analytics and forensics, and troubleshoot API communications.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

For Maxim Group, F5 Distributed Cloud Services were a gamechanger for unifying web application and API protection (WAAP) policies across diverse hybrid application environments.

Its AL/ML-powered advanced threat detection and mitigation capabilities significantly elevated Maxim’s security posture while centralizing security management via a unified platform, enabling consistent policy enforcement and enhanced network and application visibility — significantly improving its ability to respond effectively to threats. The streamlined management processes also facilitated operational efficiency and reduced administrative overhead, while granting Maxim cloud-native scalability for uninterrupted security as it migrates more subsidiaries and joint ventures to the cloud.

For Sentient.io, F5 Distributed Cloud Services were invaluable in enabling them to offer turnkey, enterprise-grade AI “as a service” solutions.

Distributed Cloud Stack unified Sentient.io’s application environment, eliminating the need to manage multiple Kubernetes distributions. This streamlined operations, allowing it to deploy AI models across multiple cloud providers with increased agility and scalability. It also reduced latency and enabled real-time AI processing at the edge, allowing high-performing AI applications to be delivered with a faster time to value. Sentient.io was also able to optimize resource allocation and reduce overall operational costs while enhancing security with native integration and support for application and API security.

ESET Website

Brief description of solution/service

We leverage over 25 years of experience in AI to deliver comprehensive protection against a wide range of cyber threats. Beginning with the detection of macro viruses in 1997, ESET has continuously evolved its technology to incorporate advanced AI-driven capabilities.

Today, our solutions marry AI and human expertise to adopt a prevention-first approach to cybersecurity . Our solutions include ESET LiveGrid® for cloud-based reputation management, ESET LiveGuard for on-demand threat analysis, and transformer-based models for enhanced natural language processing and incident response. ESET also rolled out AI Advisor, a generative AI assistant, to widen the resources available to its users.

What security-related issues did your organization desire to address with this solution/service

ESET wanted to address the increasing complexity and sophistication of cyber threats, including advanced malware, ransomware, and zero-day attacks. The objective was to enhance detection accuracy, reduce false positives, and provide comprehensive protection against these evolving threats. Additionally, ESET sought to streamline the incident response process and improve the efficiency of security operations. By leveraging AI and machine learning, ESET’s solution aims to deliver real-time threat detection and proactive defence mechanisms, ensuring that organisations can maintain a robust security posture and minimise the risk of data breaches and other cyber incidents.

What technologies and/or innovations are applied/deployed in this solution/service?

ESET’s solution employs a range of advanced technologies and innovations, including machine learning, advanced analytics, and AI-powered cloud sandboxes. Key components include ESET LiveGrid®, a cloud-based reputation management system that delivers speedy updates; DNA Detections for malware profiling and classification; and ESET LiveGuard, an on-demand threat analysis tool that utilises a multilayered machine learning detection system. Additionally, ESET has integrated transformer-based models for natural language processing and automated incident creation, enhancing real-time threat detection and response capabilities. These innovations ensure real-time threat detection, proactive defense mechanisms, and minimal disruption to the user, providing robust security for both individuals and organisations.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

ESET’s AI-based cybersecurity solutions are deployed across diverse industries in the Asia Pacific region. We provide 110+ million users worldwide with robust protection against cyber threats. Notable partnerships include integrations with Microsoft Sentinel for enhanced threat intelligence and Intel® Threat Detection Technology for advanced hardware-based threat detection.

ESET has been recognised by independent testing labs such as SE Labs, AV-Comparatives and Gartner Peer Insights, further validating our widespread adoption and effectiveness. We are proud to share that our Enterprise Endpoint Security and Small Business Endpoint Security solutions have received the prestigious AAA grade from SE Labs in their Q1 2024 tests. We also received the “Advanced+” award for both performance and malware protection in the latest AV-Comparatives evaluation.

For more information please visit https://www.eset.com/int/business/why-eset/industry-analysts-recognition

Infoblox Website

Brief description of solution/service

SOC Insights, a new capability of Infoblox’s ‘BloxOne® Threat Defense’ solution, turns hundreds of thousands of alerts into a small set of actionable insights. As an industry-first application that leverages AI-driven analytics together with DNS driven intelligence, SOC Insights enables defenders to stop attacks before they occur, raise the ROI of their security stack, and elevate overall efficiency. Each insight provides easy access to device, event, and attacker details and Infoblox's unique DNS intelligence data.

What security-related issues did your organization desire to address with this solution/service

Alert fatigue, analyst burnout, and the skill shortage in Security Operations Centers (SOC) stem from the overwhelming number of daily security events and the vast amount of data that needs to be analysed. SOC Insights addresses these challenges by leveraging AI-driven analytics together with DNS driven intelligence to transform hundreds of thousands of events into a manageable set of actionable insights. Each insight is linked to relevant assets, events, threats, and other critical data, enabling analysts to quickly understand threats and make informed, effective decisions, decreasing the MTTR drastically.

What technologies and/or innovations are applied/deployed in this solution/service?

By leveraging AI-driven analytics and DNS threat intelligence, SOC Insights provides actionable insights to security analysts, empowering them to focus on the most critical threats and reduce MTTR. Key innovations include proactive threat prevention, advanced AI-driven analytics that surpass traditional malware risk-based dashboards to jump-start investigations, as well as seamless ecosystem integrations to generate actionable insights. Particularly, the use of AI on the holistic data that DNS can provide, helps analyse vast amounts of threat and network data quickly and easily. This allows experts to concentrate on the things that really matter.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

While SOC Insights is a new product, it is part of the established BloxOne® Threat Defense solution, which is widely deployed across various industries in the Asia Pacific region, including the public sector, financial services (FSI), manufacturing, and transportation. This AI-driven solution is essential in today’s cybersecurity landscape, offering advanced threat detection, real-time monitoring, and actionable insights to counter sophisticated cyber threats.

In the public sector, BloxOne® Threat Defense protects sensitive data and ensures the integrity of public services. In FSI, it secures financial transactions and customer data against breaches. The manufacturing sector uses it to safeguard intellectual property and prevent supply chain disruptions. In transportation, it ensures the safety and reliability of critical infrastructure.

F5 Website

Brief description of solution/service

F5 Distributed Cloud Services is our customers’ secret weapon to simplifying multi-cloud complexity. The SaaS-based security, networking, and application management services makes it possible to deploy, secure, and operate their applications in a cloud-native environment wherever needed — data center, multi-cloud, network or enterprise edge.

This comprehensive suite is a critical tool for delivering modern applications with unparalleled performance, scalability, and security. It has enabled enterprises to accelerate time-to-service, lower total cost of ownership (TCO), and increase security efficacy on a cloud-native platform that is fully integrated across a single policy engine and management console.

What security-related issues did your organization desire to address with this solution/service

In an increasingly hybrid multi-cloud world, businesses are grappling with a growing number of applications across diverse IT environments. Such complexity hinders them with an increasing lack of visibility, putting performance, service availability, and customer experience at risk.

Moreover, as enterprises expand operations across multiple environments, cybercriminals are also able to leverage several fronts of attack. The ever-expanding network of APIs that connects applications has also become prime targets for cybercriminals looking to breach cloud infrastructures.

F5 Distributed Cloud Services simplifies all of this, while protecting applications in real time, all from a single platform.

What technologies and/or innovations are applied/deployed in this solution/service?

F5 Distributed Cloud Services leverages AI and machine learning (ML) to realize broad application security from a single SaaS-based platform. Our industry-leading Web Application Firewall (WAF) uses AI/ML detection techniques with automatic signature tuning to easily defend against known threats and suspicious behavior.

Distributed Cloud API Security also uses AI/ML to identify shadow APIs and block attacks in real time. Users gain visibility over all APIs and can integrate security into the API lifecycle process, monitor traffic, and automatically generate policies. The SaaS-based portal also makes it easy to review threat analytics and forensics, and troubleshoot API communications.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

For Maxim Group, F5 Distributed Cloud Services were a gamechanger for unifying web application and API protection (WAAP) policies across diverse hybrid application environments.

Its AL/ML-powered advanced threat detection and mitigation capabilities significantly elevated Maxim’s security posture while centralizing security management via a unified platform, enabling consistent policy enforcement and enhanced network and application visibility — significantly improving its ability to respond effectively to threats. The streamlined management processes also facilitated operational efficiency and reduced administrative overhead, while granting Maxim cloud-native scalability for uninterrupted security as it migrates more subsidiaries and joint ventures to the cloud.

For Sentient.io, F5 Distributed Cloud Services were invaluable in enabling them to offer turnkey, enterprise-grade AI “as a service” solutions.

Distributed Cloud Stack unified Sentient.io’s application environment, eliminating the need to manage multiple Kubernetes distributions. This streamlined operations, allowing it to deploy AI models across multiple cloud providers with increased agility and scalability. It also reduced latency and enabled real-time AI processing at the edge, allowing high-performing AI applications to be delivered with a faster time to value. Sentient.io was also able to optimize resource allocation and reduce overall operational costs while enhancing security with native integration and support for application and API security.

Imperva Website

Brief description of solution/service

Supporting global security and privacy regulations including GDPS, HIPAA, FIPS 140-2, MAS and many more, the CipherTrust Data Security Platform simplifies data security administration with ‘single pane of glass’ centralized management console that equips organizations with powerful tools to discover and classify sensitive data, combat external threats, guard against insider abuse, and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. It offers advanced encryption and centralized key management solutions that enable organizations to safely store sensitive data in the cloud using Hold Your Own Key (HYOK), Bring Your Own Key (BYOK) and Bring Your Own Encryption (BYOE).

What security-related issues did your organization desire to address with this solution/service

In 2024, enterprises are modernizing and adopting modern cloud-native architectures with increasing complexity that is driving the need for automated protection. This is creating security blind spots in APIs and data. Enterprises use Imperva at the application and API layers to:

Accelerate application performance for smooth, responsive user experiences
Prevent DDoS attacks from impacting uptime, maintaining consistent service availability
Defend against business logic attacks, safeguarding organizations’ core functions
Provide 360-degree supply chain protection
Detect and prevent online fraud, preserving business integrity and protecting customers

What technologies and/or innovations are applied/deployed in this solution/service?

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Imperva’s cybersecurity solutions are deployed by customers across various industries and organizations in the Asia-Pacific region, including financial services, healthcare, e-commerce, government, and technology.

For example, Imperva worked with a leading financial institution in Asia-Pacific to safeguard their critical applications and data against cyber attacks. They deployed Imperva's Web Application Firewall (WAF) and Database Activity Monitoring (DAM) to protect data, improve website performance, and simplify configuration. The user-friendly interface and streamlined configuration of Imperva WAF Gateway expedited the adoption process. The financial institution completed the installation and initial configuration of Imperva Data Security Fabric within two weeks, including planning and execution. This integration resulted in a comprehensive cybersecurity strategy, providing unified and proactive protection for critical systems and sensitive data. The institution experienced a significant reduction in website performance issues and enhanced protection against database login misuse. Additionally, they observed near-zero false positives and gained deeper visibility into attacks, allowing their team to focus more on core operations

Green Radar Website

Brief description of solution/service

grMail provides customers with much-needed email security services. With around-the-clock monitoring and deep email analysis with threat hunting, the service ensures the customer with maximum email protection against target phishing attacks.

Green Radar provides cloud-based Security as a Service, an all-in-one and affordable solution for enterprises of any size to enjoy first-class email security solutions without having their own infrastructure or heavily investment in developing, maintaining and creating those security tools, saving upfront costs for hardware as well as continuing costs for software licenses.

What security-related issues did your organization desire to address with this solution/service

Green Radar grMail focuses on providing affordable and high-quality services for SMEs in Hong Kong. We prioritize the needs of our customers, ensuring a seamless user experience at a competitive price.

Phishing emails remain one of the top three cyber attacks globally. SMEs are lacking of IT security experts, are particularly vulnerable to these scams. Due to limited budgets, SMEs often struggle to hire security experts or establish 24x7 monitoring Security Operations Centers (SOCs). Additionally, SMEs face challenges in formulating an effective response when a security incident occurs.

What technologies and/or innovations are applied/deployed in this solution/service?

Green Radar are actively working on enhancing our email security solution through key improvements. These enhancements will target areas such as reducing scanning time, implementing a flexible policy framework, and enhancing reporting capabilities.

A primary focus of our improvement efforts is to minimize security scanning time. We plan to achieve this by optimizing scanning performance and eliminating redundant scans. Streamlining the scanning process will result in faster and more efficient email processing, enhancing both the user experience and overall system performance.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Not Applicable

Tenable Website

Brief description of solution/service

Tenable Cloud Security is a unified identity-driven cloud-native application protection (CNAPP) solution that continuously analyzes all cloud resources — across infrastructure, workloads, data, identities and applications — to single out the most important risks, spot unknown threats and deliver actionable insights within hours. Best-of-breed cloud entitlements (CIEM) and cloud vulnerability management (CWP) combined with robust security posture management for cloud (CSPM), Kubernetes (KSPM) and Infrastructure as Code (IaC) reduce the cloud attack surface, automate reporting and facilitate zero trust including least privilege at scale

What security-related issues did your organization desire to address with this solution/service

Cloud environments are under attack, but efforts to secure cloud infrastructure are hampered by myriad issues: fast cloud adoption, multiple cloud providers, a shortage of cloud and security expertise, a new perimeter that replaces the network with identities, and the cloud’s dynamic nature. To tackle the complexity, organisations often look to tools and point solutions to help combat these threat vectors. It only racks up the costs of configuring and implementing multiple cloud security solutions with tools that don’t work together, integrate or show a more complete view of where risk exists across the entire cloud environment.

What technologies and/or innovations are applied/deployed in this solution/service?

With Tenable Cloud Security you can easily ramp up security across all your AWS, Azure and GCP environments. From full asset discovery and deep risk analysis to runtime threat detection and compliance, you can reduce complexity, minimize your cloud exposure and enforce least privilege at scale. Tenable's comprehensive approach accurately visualizes and prioritizes security gaps, and gives you the built-in expertise and tools you need to remediate the risks that matter most

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Approximately 43,000 organizations around the globe, including 60 percent of the Fortune 500, 40 percent of the Global 2000 and large government agencies trust Tenable to understand and reduce their cyber risk. Tenable partners with more than 100 total ecosystem partners and 200 integrations with security leaders, creating a rich set of exposure data to analyze, gain context and take decisive action to better understand and reduce cyber risk. More of how our customers use Tenable can be found here: https://www.tenable.com/customers

Varonis Website

Brief description of solution/service

Varonis is a leader in data security, helping people and companies protect against cybercriminals and malicious insiders. Our cloud-native Data Security Platform automatically eliminates data exposure and detects active threats. Expert incident responders proactively monitor and respond to incidents so our customers don't have to.

With Varonis, organizations reduce mountains of risk automatically. Our Data Security Platform vastly decreases the likelihood of a data breach. Should an incident occur, any impact will be small because we lock down data, minimize the potential blast radius, and detect the earliest signs of attacks.

What security-related issues did your organization desire to address with this solution/service

Organizations face overwhelming levels of data exposure that grow larger by the second — and cybercriminals are exploiting faster than ever. While we don't know where the next cyberattack will come from, we do know what cybercriminals want — data.

Varonis Data Security Platform delivers automated outcomes by limiting data exposure—and risk—across multi-cloud, SaaS, and on-prem. Varonis is the only data security solution that can intelligently eliminate unnecessary access at scale, helping security teams keep up with the ever-growing risk of data exposure as more data is created and shared.

What technologies and/or innovations are applied/deployed in this solution/service?

We've introduced automated, game-changing features to help customers effortlessly remediate compliance gaps, limit third-party access, automatically fix security issues, and continually remove unnecessary access to Microsoft 365, Google Drive, and others. Our strategic collaboration with Microsoft helps companies safely harness the power of AI with Microsoft Copilot for Microsoft 365.

Our Varonis Threat Labs team of security researchers and data scientists are among the most elite cybersecurity minds in the world, helping our customers use to find and close gaps before attackers can, and all learnings are programmed into our platform to help customers stay ahead of cyberattacks.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Varonis is deployed across industries and both public and private entities including governments and private industries from education to manufacturing and beyond.

Vectra Website

Brief description of solution/service

Vectra AI Platform for Cloud Networks provides customers with automatic and native controls to enable full hybrid cloud visibility for more efficient and effective threat investigations and hunting. Customers can harness Vectra’s AI-driven Attack Signal Intelligence™ — empowering an automated risk-based approach to hybrid cloud attacks while reducing the reliance on a shared responsibility model from public cloud providers (AWS, Azure and GCP) for threat detection and incident response.

What security-related issues did your organization desire to address with this solution/service

Cyber attackers can compromise cloud resources through two main avenues:

Traditional means: This involves accessing systems within the enterprise network perimeter, conducting reconnaissance, and escalating privileges to an administrative account that has access to cloud resources.

Credential compromise: Bypasses the traditional means by directly compromising the credentials of an administrator account that either has remote administrative capabilities or Cloud Service Provider (CSP) administrative access.

Vectra AI for Cloud Networks (Vectra NDR enabled by Gigamon) strengthens SOC teams' abilities to effectively detect, investigate and respond to the risks associated with an evolving network environment by extending datacenter networks into the cloud.

What technologies and/or innovations are applied/deployed in this solution/service?

Vectra AI delivers security to the cloud through the Vectra AI Platform with Attack Signal Intelligence™. With 11 references in the MITRE D3FEND framework — more than any other vendor — only Vectra AI provides Cloud Detection and Response (CDR) powerful enough to reveal the earliest signs of hybrid cloud compromise. Vectra AI provides CDR differentiation through complete visibility and context, integrated investigations for AWS attacks, and continued AWS support for 24x7x365 coverage.

Vectra AI has deployments across all industry verticals – from Finance, Manufacturing, Software, Critical Infrastructure and Telco – which we have significant market share.

CPG Corporation prioritizes its network’s defenses with Vectra AI for real-time visibility to proactively mitigate risk. Vectra AI’s intelligent threat detection technology enables its cyber team to adopt the mindset of an attacker, understand attacker behavior, and analyze detection patterns unique to its environment. Vectra AI’s advanced security also identifies potential attacks in real time, helping them prioritize and reduce alert noise. This allows its security teams to focus their efforts where it matters most – addressing threats based on severity.
Globe Telecom a major telco in the Philippines have been using Vectra AI to identify attacker behavior within their network and helping them to achieve 2-3 hour MTTR (the average time it takes to recover from a system or product failure once it has been discovered).
Thailand’s leading digital transformation enabler, True Digital Group uses Vectra AI to find clarity in the noise by optimizing their ability to filter and reduce high levels of threats, while enabling its security team to only focus on critical incidents.

ExtraHop Website

Brief description of solution/service

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. With customers representing nearly a quarter of the Fortune 100, the RevealX platform is the only Network Detection and Response (NDR) solution that delivers the 360-degree network visibility needed to expose the unknown, uncover more threats, and move at the speed of risk. Named a Leader in The Forrester Wave™: Network Analysis And Visibility, ExtraHop helps analysts investigate and stop threats faster, offering significant improvements in time to detect (83%), investigate and resolve threats (87%) (via Forrester).

What security-related issues did your organization desire to address with this solution/service

Adversaries are increasingly finding ways to circumvent traditional cybersecurity controls like firewalls, SIEM, and EDR, hiding in encrypted east-west network traffic; using living-off-the-land techniques; and exploiting devices that organizations can’t put an endpoint agent on.

RevealX, ExtraHop’s NDR platform, harnesses the power of the network, which sees everything, shows everything, and cannot be evaded - leaving attackers nowhere to hide.

RevealX ingests, monitors, and analyzes network data in real-time, giving enterprises unparalleled visibility into all of their east-west, north-south network traffic. When attackers bypass all other security controls, RevealX quickly catches anomalous behaviours that signal early stage attacks like ransomware.

What technologies and/or innovations are applied/deployed in this solution/service?

With 70+ patents, AI is a key technology built into RevealX since day one, generating millions of predictive models specific to customers to detect anomalous and suspicious behaviors as they occur. By applying AI to layers of network telemetry, the platform can quickly identify all devices on the network, and detect, investigate, and respond to threats like double-extortion ransomware.

Against the backdrop of widening threat landscapes, ExtraHop also recently launched a first-of-its-kind AI Search Assistant, accelerating threat hunting for resource-strapped SOC analysts via a generative AI-powered natural language search assistant.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Leading financial institutions in the Asia Pacific region deploy RevealX to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and alert fatigue caused by a widening threat landscape. Because of regulations, multiple networks within the same financial enterprise tend to be isolated from each other, making it difficult to see what is happening, or who is hiding, in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, data centers, and remote sites, so they can catch cyberattacks before it's too late.

ExtraHop also works with leading manufacturers by protecting modernized shop floors with sophisticated OT networks. Modern manufacturers depend on equipment that requires constant connectivity and must avoid any costly downtime that comes as a result of cyber incidents. With visibility across connected, distributed environments and critical systems, RevealX monitors all devices and equipment within a manufacturer’s facilities and is able to isolate equipment issues and vulnerabilities very quickly, limiting downtime.

Aqua Security Website

Brief description of solution/service

As cloud and container adoption increases, organisations require born-in-the cloud security to provide full lifecycle protection of their cloud applications. Aqua stops cloud native attacks with the industry’s first unified Cloud Native Application Protection Platform (CNAPP), featuring real-time detection and response capabilities. Aqua secures customers’ cloud native assets from day one, from code to cloud, and protects them in real time. The Platform’s features are informed by real research, allowing it to stay ahead of an evolving cloud native threat landscape.

What security-related issues did your organization desire to address with this solution/service

For security teams, having active, preventative shift-left and runtime controls protecting their cloud native applications is a non-negotiable requirement. Aqua offers a fully integrated set of security and compliance capabilities that visualise, prioritise, and eliminate risk in minutes across the full software development lifecycle. Automated policies for shift-left prevention and runtime detection and response reduce the attack surface and mitigate active attacks. It allows teams to replace many disparate tools with one unified source of truth, saving costs, and making critical alerts and vulnerability assessments less likely to fall through the cracks.

What technologies and/or innovations are applied/deployed in this solution/service?

Aqua recently announced new capabilities specifically designed to secure the development and operation of generative AI applications leveraging Large Language Models (LLMs). As more businesses embrace LLMs, new attack vectors get introduced into their applications and operations. Aqua is pioneering LLM application security to help companies stay secure while keeping on the cutting edge of application development.

Aqua Nautilus is a security research team that analyzes the evolving cloud native threat landscape, uncovering new threats targeting containers, software supply chains and cloud infrastructure and more. The team turns insights from real-world attacks into intelligence-driven protection within the Platform.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

In Asia Pacific, Aqua customers are heavily concentrated in government, banking, financial services as well as other regulated sectors that leverage the service for comprehensive cloud native security, compliance and risk management, through an in-region service that addresses their data sovereignty and governance requirements.

Additionally, some examples of customers in region and globally can be found here: https://www.aquasec.com/customers/ and here:https://www.aquasec.com/resources/.

Hackuity Website

Brief description of solution/service

Hackuity is a cutting-edge Risk-Based Vulnerability Management platform designed to streamline cybersecurity processes and enhance organizational security posture. By integrating and automating the analysis of vulnerability data across various sources, Hackuity provides a centralized, prioritized view of threats based on real-time risk assessments. This allows security teams to efficiently allocate resources to the most critical vulnerabilities, ensuring timely mitigation and compliance with regulatory standards. With its intuitive interface and powerful analytics, Hackuity empowers organizations to proactively manage their cybersecurity risks, turning vulnerability management into a strategic advantage.

What security-related issues did your organization desire to address with this solution/service

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What technologies and/or innovations are applied/deployed in this solution/service?

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

SG - one of the top 3 telco in SG, one of the govt regulatory board Indonesia- One of the largest state owned Bank We are also IMDA accredited and is in the govt green lane for procurement

Tenable Website

Brief description of solution/service

Tenable Cloud Security is a unified identity-driven cloud-native application protection (CNAPP) solution that continuously analyzes all cloud resources — across infrastructure, workloads, data, identities and applications — to single out the most important risks, spot unknown threats and deliver actionable insights within hours. Best-of-breed cloud entitlements (CIEM) and cloud vulnerability management (CWP) combined with robust security posture management for cloud (CSPM), Kubernetes (KSPM) and Infrastructure as Code (IaC) reduce the cloud attack surface, automate reporting and facilitate zero trust including least privilege at scale

What security-related issues did your organization desire to address with this solution/service

Cloud environments are under attack, but efforts to secure cloud infrastructure are hampered by myriad issues: fast cloud adoption, multiple cloud providers, a shortage of cloud and security expertise, a new perimeter that replaces the network with identities, and the cloud’s dynamic nature. To tackle the complexity, organisations often look to tools and point solutions to help combat these threat vectors. It only racks up the costs of configuring and implementing multiple cloud security solutions with tools that don’t work together, integrate or show a more complete view of where risk exists across the entire cloud environment.

What technologies and/or innovations are applied/deployed in this solution/service?

With Tenable Cloud Security you can easily ramp up security across all your AWS, Azure and GCP environments. From full asset discovery and deep risk analysis to runtime threat detection and compliance, you can reduce complexity, minimize your cloud exposure and enforce least privilege at scale. Tenable's comprehensive approach accurately visualizes and prioritizes security gaps, and gives you the built-in expertise and tools you need to remediate the risks that matter most

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Approximately 43,000 organizations around the globe, including 60 percent of the Fortune 500, 40 percent of the Global 2000 and large government agencies trust Tenable to understand and reduce their cyber risk. Tenable partners with more than 100 total ecosystem partners and 200 integrations with security leaders, creating a rich set of exposure data to analyze, gain context and take decisive action to better understand and reduce cyber risk. More of how our customers use Tenable can be found here: https://www.tenable.com/customers

New Relic Website

Brief description of solution/service

The New Relic all-in-one observability platform helps organisations secure software applications with less toil by providing a comprehensive approach to vulnerability management. New Relic Vulnerability Management provides continuous runtime software composition analysis (SCA) and vulnerability assessment prioritisation, with no additional configuration when using supported New Relic APM agents. It instantly detects common vulnerabilities and exposures (CVEs) from the U.S. Department of Commerce National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) across supported application dependencies.

What security-related issues did your organization desire to address with this solution/service

Applications today are often composed of thousands of components, each with the potential to carry critical security vulnerabilities that can increase the risk of IP theft, data loss, monetary loss, reputational damage, and more. Mitigating security threats is now an enterprise priority, as is having a security mindset across the development pipeline. To help address this new shared responsibility between DevOps and Security teams (DevSecOps), New Relic Vulnerability Management enables teams to see performance and availability issues in one connected experience and allows all teams to quickly assess the most urgent vulnerabilities while addressing exposure with guidelines for remediation.

What technologies and/or innovations are applied/deployed in this solution/service?

New Relic AI monitoring is the industry’s first APM solution that provides end-to-end visibility for any AI-powered application. New Relic AI monitoring provides engineers unprecedented visibility and insights across the entire AI stack so they can build and run safe, secure, and responsible AI applications with confidence.

New Relic Interactive Application Security Testing (IAST) automates the process of finding code paths that are likely to be exploited.

New Relic offers a unified security view across the stack and software lifecycle with the ability to add security data through an open ecosystem of built-in quickstarts and New Relic security APIs.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Indonesia-based health-tech platform Halodoc connects millions of patients with healthcare providers on a single platform. A cloud-native business, Halodoc adopted New Relic over six years ago to provide better platform performance.

With end-to-end visibility via dashboards and distributed tracing, Halodoc has been able to track its performance against KPIs, while consolidating and optimising its infrastructure usage. Real-time and historic insights allow for the periodic analysis of past performance, load, and throughput to understand current and future capacity needs.

New Relic has helped Halodoc achieve a 40% improvement in app performance alongside 20% in savings on infrastructure and associated server costs, in conjunction with the introduction of the AWS Graviton2 processors which are running 90% of its production workloads.

By having all the necessary information about its systems in one place, the Halodoc team is delivering a consistent experience to its customers while embracing a culture of developer productivity, accountability and ownership.

Skybox Security Website

Brief description of solution/service

The Skybox platform supports each stage of an enterprise’s continuous exposure management program to map the attack surface and contextualize with data, assess and prioritize vulnerabilities, and combat the threat through final remediation. Integrated attack surface management, vulnerability management, and security policy management solutions make it easy to manage exposures and maximize the effectiveness of security teams. The power of our platform is built on the aggregated security, policy, and infrastructure data collected and aggregated from organizations’ infrastructure and cloud environments. With Skybox organizations will achieve greater insight, build business resiliency, and maximize valuable technical resources on what matters most.

What security-related issues did your organization desire to address with this solution/service

Skybox Security tackles a critical challenge for organizations struggling to prioritize cyber threats based on real-world exposure risk with their Continuous Threat Exposure Management Platform. This platform delivers:

Comprehensive Attack Surface View: Gain a complete picture of your hybrid, multi-cloud, and OT network environment, including all assets and vulnerabilities.
Real-Time Threat Prioritization: Prioritize vulnerabilities based on real-world exploitability and asset criticality, not just generic scores, ensuring you focus on the threats that matter most.
Streamlined Remediation: Skybox integrates with existing tools to automate remediation workflows, minimizing your exposure window.

What technologies and/or innovations are applied/deployed in this solution/service?

Skybox Security enhances cyber risk management with innovative features.

Prioritization: Skybox prioritizes vulnerabilities based on exploitability and asset criticality, not just CVSS scores.
Attack Path Simulation: Visualize and prioritize remediation by simulating potential attack vectors.
Network Modeling: Assess exposure risk accurately with detailed network modeling.
Dynamic Security Model: 360-degree view of your attack surface, including threat intelligence, risk data, and security policies.
Threat Intelligence: Continuously updated intelligence informs vulnerability severity and exploitability, enabling actionable remediations and automated controls.
Integration: Streamline remediation by integrating with existing IT service management tools, strengthening defenses against cyber threats.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Skybox Security's Continuous Exposure Management solution has demonstrably improved cyber risk management for organizations across the Asia Pacific region. A prime example is a leading Indian analytics and digital solutions provider with a prominent presence in India.

Challenge: This company, with a complex network environment and numerous security tools, struggled to prioritize vulnerabilities effectively. Their sheer volume (nearly 130,000) and reliance on generic scanners hampered efficient remediation.
Solution: The company implemented Skybox Vulnerability Control, gaining a complete view of their network and enabling them to prioritize and remediate critical vulnerabilities. Firewall Assurance and Network Assurance modules further optimized security policy management.
Results: Skybox significantly reduced critical vulnerabilities from 50,000 to just 150, meeting SLAs within four business days. Weekly scans and ongoing prioritization ensure continuous risk management. Skybox's network modeling and attack simulation capabilities provide valuable insights for proactive threat prevention. The solution also facilitates compliance with regulations like NIST, ISO 27002, and HIPAA.

This case study, publicly available on Skybox's website, highlights the success of Skybox's Continuous Exposure Management, featuring the Vulnerability Management solution, in empowering a prominent Indian organization with continuous threat exposure management.

BlueVoyant Website

Brief description of solution/service

BlueVoyant’s Managed Detection & Response (MDR) combines clients' existing security products with advanced technology and human-led expertise from its global Security Operations Center (SOC), which monitors clients’ networks 24x7. Clients have a cloud-based security solution that illuminates, validates, and quickly mitigates today’s internal and external threats. BlueVoyant combines extended detection and response (XDR) and security information and event management (SIEM) monitoring and management to detect and respond to security threats across a wide variety of data sources before they cause harm to the business.

What security-related issues did your organization desire to address with this solution/service

Many enterprises struggle with their cyber defence posture due to the need to manage a large number of tools in their security stack. Organisations are looking for an MDR solution that allows them to be closer to their own security data so that when a SOC Analyst, Threat Hunter, or Content Engineer needs to access data, they can work with their data directly, and not be intermediated by an MDR provider’s portal.

BlueVoyant’s evolved approach to MDR applies our data science and security expertise to help clients collect, normalise, rationalise, and access their own data, within their own tools.

What technologies and/or innovations are applied/deployed in this solution/service?

Supply Chain Defense - A solution for holistic third-party cyber risk management needs. BlueVoyant’s end-to-end solution features expert curated risk monitoring and directed remediation. Additional capabilities include a highly customizable questionnaire management platform, multiple levels of continuous monitoring for different tiers of vendors, and point-in-time vendor risk assessments to support procurement and M&A decisions.
DRP: Scan and Protect - BlueVoyant identifies and validates threats targeting the organization, providing actionable countermeasures to eliminate threats to your brand, employees, and customers. Our solution equips your team with visibility beyond the perimeter, continuously monitoring exclusive threat data sources.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Trusted by more than 900 clients in 40-plus countries worldwide, BlueVoyant’s presence in APJ continues to grow following the company’s expansion in APJ in 2022, offering comprehensive cyber risk protection to organisations in diverse sectors.

A current BlueVoyant customer is SGX-listed Seatrium, a global player with deep engineering expertise in the offshore, marine and energy industries.

Poh Leng Wee, Chief Information Security Officer, Seatrium: “Seatrium enhances its cyber defense by integrating BlueVoyant's MDR solution, which combines human expertise with automation and AI technology. This strategic alliance provides access to advanced platforms and seasoned security experts, utilizing AI to accelerate threat detection and response. The adoption of this AI-augmented MDR solution not only streamlines our security operations but also strengthens stakeholder confidence in our resilient and proactive security posture.”

Pentera Website

Brief description of solution/service

At Pentera, we lead the category in Automated Security Validation, committed to enabling organizations to test the integrity of all cybersecurity layers. Our research-driven approach consistently validates defenses against the latest threats, revealing the riskiest security exposures at any given moment, and on any scale. We emphasize total security validation to ensure that businesses remain adept and vigilant, closing security gaps before they are exploited. Thousands of security professionals and service providers globally trust Pentera to guide remediation and secure their defenses. Learn more at pentera.io.

What security-related issues did your organization desire to address with this solution/service

In an ever-evolving cyber landscape:

Many areas of the attack surface may go unnoticed.
Lack of skilled manpower to evaluate security.
Organizations may not be prepared for the latest attacks.
Pinpointing and remediating the riskiest security gaps is challenging.

What technologies and/or innovations are applied/deployed in this solution/service?

Ransomware Assessment: Validate security readiness against ransomware attacks.
Cloud Security: Continuously test cloud security defenses.
Attack Surface Monitoring: Discover digital assets and validate security continuously.
Penetration Testing: On-demand tests to find security gaps.
Red Teaming: Automate red team activities and scenarios.
Vulnerability Prioritization: Focus on high-risk vulnerabilities.
Mergers and Acquisitions: Guide cybersecurity due diligence during M&A.
Cyber Insurance: Secure favorable insurance premiums by demonstrating strong security posture.
Control Validation: Evaluate the efficacy of security controls.
Credential Security: Validate credential strength and hygiene.
SOC Performance Testing: Strengthen SOC team's threat detection capabilities.
Active Directory Security: Ensure the resilience of identity repositories.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Government, FSI, Retail, Healthcare, Energy, Telco Examples for nomination purposes, not to be publicly referenced: Genesis Care (AUS), Just Group (AUS), Department of Customer Service NSW (AUS), Land Information New Zealand (NZ), Sumitomo Mitsui Banking Corporation (SG), Mediacorp (SG), Japan Agency for Marine-Earth Science and Technology (JP), LAC (JP), BDO Unibank (PH), Globe Telecom (PH), ePLDT (PH), Land Bank of Philippines (PH), MediaTek (TW), Gulf Energy Development (TH), National Cyber Security Agency (TH), Hi Bank (IND), Ministry of Fishery, Indonesia (IND), CLP Power (HK)

Forescout Technologies Website

Brief description of solution/service

Amid increasing cyber threats to critical infrastructure, the Forescout Platform and its Vedere Labs research team empowers organizations to strengthen their security posture and stay ahead of threats that could cause substantial disruption to their businesses. Last year alone, Vedere Labs tracked 420 million+ attacks, 300 million+ exploits, 19 million+ devices, and 50,000+ malware samples.

What security-related issues did your organization desire to address with this solution/service

In an ever-evolving cyber landscape: Internet exposure of Operational Technology (OT) and Industrial Control Systems (ICS) continues to be a critical infrastructure security issue despite decades of raising awareness, new regulations, and periodic government advisories. Time and again, we've seen the dire consequences of ignoring critical infrastructure threats. It's not a matter of if, but when, these vulnerabilities will be exploited.

What technologies and/or innovations are applied/deployed in this solution/service?

Forescout employs its Adversary Engagement Environment (AEE) to conduct analysis, leveraging a blend of real and simulated connected devices. This dynamic environment functions as a robust tool, enabling the pinpointing of incidents and identifying intricate threat actor patterns at a granular level. Forescout elevates insights into complex critical infrastructure attacks from data in this specialized deception environment. Vulnerabilities impacting critical infrastructure are like an open window for bad actors in every community. State-sponsored actors and cybercriminals are developing custom malware to use routers for persistence and espionage directly through critical infrastructure.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

As one of Taiwan’s top wafer test service providers, the Ardentec IT team’s goal was to fortify network security to all of its branch locations in order to gain thorough network visibility and reduce the risk of unauthorized and unsecured devices potentially gaining access to their company network. The approach would also demonstrate commitment to network security for their wide range of global customers. Other priorities included gaining 100 percent traceability of network devices, having accessibility to early warning and alerts of rogue devices and unsecured connection events, and having overall stronger operational insight.

https://www.forescout.com/resources/ardentec-case-study/

Hitachi Vantara Website

Brief description of solution/service

Hitachi Virtual Storage Platform One (VSP One) is a single hybrid cloud data platform that helps organizations transform how they manage and leverage their data, in the age of AI. VSP One simplifies managing mission-critical workloads at scale. It provides a unified architecture with a single data plane, control plane, and data fabric across various storage types and environments – all managed by a single AI-enabled software stack.

What security-related issues did your organization desire to address with this solution/service

Our recent Modern Data Infrastructure Dynamics report highlighted how data-intensive technologies and applications are exacerbating the already-strained infrastructure and hybrid cloud environments on which they run, with six in 10 business leaders already overwhelmed by the amount of data they store, and 75% concerned their current infrastructure will be unable to scale for the future. Hitachi Virtual Storage Platform One represents a simplified approach to managing mission critical workloads at scale by providing one control plane, data fabric, and data plane across workloads – a data platform that will address all environments – and managed by a single AI-enabled software.

What technologies and/or innovations are applied/deployed in this solution/service?

With Hitachi Virtual Storage Platform One, customers can run, manage, and harness their applications anywhere, be it on-premises, in the cloud, or at the edge. This platform isn’t just about data management; it’s designed to help customers extract more value from their data. Powered by AI, it creates an intelligent data fabric that supports all data types across all environments.

Hitachi Virtual Storage Platform One is also infused with Hitachi Vantara machine learning models that enable administrators to not only query and pull insights from the infrastructure but to automate and augment processes, such as determining the best deployment architecture

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

“Our partnership with Hitachi Vantara has been instrumental in allowing us to help organizations optimize their cloud journeys and avoid costly pitfalls that hinder digital transformation success,” said Mauro Guzelotto, vice president of cloud services, T-Systems North America. “Hitachi Vantara’s Virtual Storage Platform One represents the next evolution of sustainable infrastructure, delivering reliability and simplicity at scale across diverse applications and data types."

“By consolidating their entire storage portfolio into a singular, cohesive platform, Hitachi Vantara has achieved a transformative milestone, streamlining operations and fostering significant data accessibility for organizations grappling with the complexities of data management,” said Ashish Nadkarni, Group Vice President and General Manager, Infrastructure Systems, Platforms and Technologies at IDC. “The significance of this rollout lies in the platform's ability to offer a unified data plane, seamlessly spanning across block, file, object, mainframe, cloud, and SDS workloads.”

Opswat Website

Brief description of solution/service

OPSWAT, a leader in Critical Infrastructure Protection for over 20 years, offers a comprehensive, prevention-based IT/OT platform. OPSWAT's solutions cover removable media security, cross-domain solutions, secure access, file upload security, malware analysis, secure email, network access control, storage security, and developer solutions. The MetaDefender platform, with patented zero-trust technology, addresses the unique needs of IT and OT environments. OPSWAT protects various levels of the Purdue model, including portable media security, secure data transfers, asset visibility, security gateways, industrial firewalls, and secure remote access. Additionally, OPSWAT Academy addresses the cybersecurity skills gap.

What security-related issues did your organization desire to address with this solution/service

Critical infrastructure faces three main challenges when it comes to cybersecurity: complex networks, lack of technologies built to protect both IT and OT environments, and lack of trained professionals that understand the intricacies of these environments and how to protect them. What truly sets OPSWAT apart is its purpose-built MetaDefender platform with patented zero-trust technologies that address the unique security needs of both IT and OT, solutions that integrate together, and training specifically designed to address the skills gap of cybersecurity professionals that are tasked with protecting critical infrastructure environments.

What technologies and/or innovations are applied/deployed in this solution/service?

OPSWAT employs several advanced technologies to ensure prevention-based security. Deep Content Disarm and Reconstruction (Deep CDR) regenerates safe, usable files and is the first to achieve a 100% total accuracy rating. Multiscanning is an advanced threat detection and prevention technology that increases detection rates, decreases outbreak detection times, and provides resiliency for single vendor anti-malware solutions. Proactive Data Loss Prevention (DLP) can help prevent potential data breaches and regulatory compliance violations by detecting and blocking sensitive, out-of-policy, and confidential data in files and emails, including credit card numbers and social security numbers.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

North Grid, a Japanese software company, specializes in developing software for online storage and application systems, offering solutions like Proself and Proself Gateway Edition for local governments. Their main challenge was securing file uploads against malicious content. Partnering with OPSWAT, they integrated Deep Content Disarm and Reconstruction (Deep CDR) and Multiscanning technologies into Proself, ensuring security for Japanese local governments.

Another notable customer, a major banking institution in Taiwan with 108 branches and 39 overseas units, faced constant threats from malware and phishing. They upgraded their security measures by adopting multiple OPSWAT solutions, including MetaDefender Kiosk and MetaDefender Email Security with Multiscanning and Deep CDR technologies. This comprehensive approach effectively prevented advanced evasive malware, zero-day attacks, and advanced persistent threats (APTs) from entering their network.

Infoblox Website

Brief description of solution/service

Infoblox offers a robust set of solutions to protect mission-critical DNS infrastructure from threats, ensuring cyber resilience. Key offerings include Advanced DNS Protection, which detects and stops attacks like DDoS and DNS hijacking, minimising false positives and maintaining DNS functionality during attacks. DNS Firewall enhances security by blocking access to malicious domains using DNS RPZs (Response Policy Zones). Threat Insight defends against data exfiltration through DNS tunnelling, preventing unauthorised data transfers. Infoblox's security ecosystem integrates with partners like FireEye and utilises TAXII (Trusted Automated eXchange of Indicator Information) services to detect and mitigate advanced persistent threats (APTs).

What security-related issues did your organization desire to address with this solution/service

Infoblox addresses critical security issues affecting DNS infrastructure, including external DNS attacks (DDoS, DNS reflection/amplification, and hijacking), internal threats, data exfiltration, and advanced persistent threats (APTs). The solutions were designed to ensure continuous operation of mission-critical DNS services, even during attacks - something that is of utmost importance for critical infrastructure. By integrating with other solutions in the security stack and utilising advanced threat intelligence, Infoblox enhances overall security, detects and mitigates sophisticated cyber threats, and builds a resilient infrastructure that protects sensitive information and maintains network integrity.

What technologies and/or innovations are applied/deployed in this solution/service?

Infoblox employs advanced technologies to safeguard critical infrastructure. Advanced DNS Protection ensures continuous business operations by blocking the widest range of DNS attacks. It intelligently detects and mitigates threats using constantly updated threat intelligence, responding only to legitimate queries without relying on infrastructure overprovisioning. DNS Firewall uses DNS RPZs for dynamic policy control, blocking malicious domains. Threat Insight leverages analytics to prevent data exfiltration through DNS tunnelling. Infoblox's security ecosystem integrates with partners for enhanced threat detection and mitigation of APTs and uses TAXII to facilitate the automated exchange of threat indicators, ensuring timely and effective response to cyber-attacks.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Infoblox's solutions for critical infrastructure protection have been deployed across various industries in the Asia Pacific region, including transportation, public sector, financial services, and manufacturing. A notable deployment is with Keio Corporation, a private railway operator in Tokyo, Japan, who adopted Infoblox’s solutions to enhance their cybersecurity posture. Facing significant compliance requirements and the need to modernise their network, Keio leveraged these solutions to detect and mitigate sophisticated threats, ensuring the security and availability of their network services.

By leveraging advanced analytics and machine learning, Keio could detect and block sophisticated threats such as DNS-based attacks, domain name generation algorithms (DGAs), and fast-flux attacks. Keio has also improved operational efficiency by receiving comprehensive insights through custom dashboards and reports, enhancing the company’s ability to manage and secure its network effectively.

As a result, Keio has further enhanced its cybersecurity posture and modernised its network to scale for future growth. It is now proactively protecting approximately 6,000 client PCs and can detect over 50 communications to URLs that had previously not been detected.

Singtel Website

Brief description of solution/service

Appointed by Infocomm Media Development Authority to develop Singapore's first National Quantum-Safe Network Plus (NQSN+) as part of the nation’s Digital Connectivity Blueprint, Singtel’s Quantum-Safe Network (QSN) secures our digital economy for the business by leveraging on Quantum Key Distribution technology to protect confidential data against quantum computing threats. The service is part of Singtel’s domestic network offerings which are built and engineered to secure business-critical data and provide enhanced security for the data network with flexibility in deployment. As a fully managed end-to-end service, Singtel’s QSN provides comprehensive support and management to enable rapid adoption by customers.

What security-related issues did your organization desire to address with this solution/service

Q-day is widely referred as the day quantum computers are powerful enough and will potentially be used by malicious actors to attack traditional data encryption mechanisms. With quantum computing gaining traction, it is imperative that organisations embark on their Quantum Safe migration journey to boost their resiliency before Q-day arrives.

Partnering with ID Quantique (IDQ), Singtel provides nationwide QSN coverage and secures data networks from advanced quantum threats, empowering enterprises with solutions to safeguard their critical infrastructure. Singtel will also develop a talent pool in Singapore with deep expertise in QSN design, solutioning, engineering and operations to support customers.

What technologies and/or innovations are applied/deployed in this solution/service?

Singtel QSN will employ advanced quantum key distribution, a secure mechanism based on the laws of quantum physics for distributing encryption keys only known between shared parties, and post-quantum cryptography, a new, advanced form of encryption algorithms that are secure against attacks from quantum computers.

It leverages on Singtel’s managed network services and extensive fibre network with selected exchanges stipulated as trusted nodes to establish a reliable, secure and resilient nationwide quantum key distribution network. This enables enterprises to secure their communications and extends quantum-safe security to new use cases and applications such as identity, mobility and authentication services.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Singtel is also laying the foundation for becoming a regional hub for quantum computing as well as a launchpad for new leading-edge innovations and applications.

In March 2024, Singtel signed three Memoranda of Understanding with industry leaders, Cisco, Fortinet, and Nokia, to provide quantum security solutions to enterprises through its QSN. With this collaboration, enterprises can tap on Cisco's routing platform, Fortinet's firewalls and Nokia's optical devices to boost their defences against advanced cyber threats. These solutions utilise quantum key distribution from Singtel’s QSN and can be easily integrated into the enterprises’ existing network and security infrastructure.

Singtel is also working with government agencies such as HTX (Home Team Science and Technology Agency) to develop and test quantum-safe network use cases.

Illumio Website

Brief description of solution/service

Illumio's Zero Trust Segmentation (ZTS) platform provides an easy, scalable, and consistent way for enterprises to see, segment, and secure their whole estate – from cloud to endpoint and data centres, providing unprecedented levels of visibility and control right down to the workload level. Put simply; it stops breaches from spreading by preventing attackers from moving laterally within networks, safeguarding critical assets and data.  

Illumio is easy to use and rapid to deploy, enabling organisations to achieve operational readiness in a matter of hours. Central control also simplifies the management of security policies, ensuring consistent enforcement and delivering real-time visibility.

What security-related issues did your organization desire to address with this solution/service

Enterprise security has never been harder. Attacks are frequent and costly; environments complex; and perimeters fragmented. Many are turning to microsegmentation to build resilience, but attempting microsegmentation with firewalls or traditional technologies is difficult. Security teams don’t have time to manage multiple firewalls or visibility across environments.  

Illumio’s Zero Trust Segmentation platform is designed for modern hybrid enterprise environments, and solves these problems. Through one tool, enterprises can see all network traffic and implement least-privilege access across cloud, endpoint, data centre and containers - facilitating rapid segmentation at scale and enabling comprehensive breach containment.

What technologies and/or innovations are applied/deployed in this solution/service?

With Illumio ZTS, customers can see risk and set policy across their whole estate from one console, simplifying security policy management. Organisations choose Illumio because of its highly predictable architecture. Its lightweight Virtual Enforcement Nodes (VENs) are not inline to traffic and Illumio programs the workload OS firewall, whereas other vendors use inline agents that aren’t passive, and perform the firewall operations themselves.  

It’s also much easier to build, model, and test segmentation policies with Illumio. Illumio’s Policy Generator discovers and automatically suggests policies based on real-time traffic patterns which makes the work of fine-tuning policies quick and straightforward.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Illumio’s ZTS Platform is deployed across a plethora of organizations in APAC from SMEs to enterprises and globally we protect over 3.5 million workloads.

One customer that’s benefitted from Illumio ZTS is insurance company QBE. Prior to Illumio, QBE relied on physical firewalls and virtual firewall appliances for segmentation, which proved to be labour intensive and complex. Firewall rule sets were almost unmanageable for the team, potentially putting the very applications they were trying to protect at risk.

Illumio provided a simple solution to a complex problem with its real-time application dependency map showing traffic flows between workloads wherever they run, simplifying network security.

Andrew Dell, CISO at QBE comments: “Having the ability to span the physical and the virtual and present insights in a highly resolved fashion is a game-changer. It enabled us to be more efficient with our resources and planning right away.”

Nick Venn, global collaboration and cyber infrastructure manager at QBE adds: “The best thing is the policy can now follow the workload, so we don’t have to worry about recreating policies or re-architecting the network. That flexibility is absolutely essential.”

ExtraHop Website

Brief description of solution/service

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. With customers representing nearly a quarter of the Fortune 100, the RevealX platform is the only Network Detection and Response (NDR) solution that delivers the 360-degree network visibility needed to expose the unknown, uncover more threats, and move at the speed of risk. Named a Leader in The Forrester Wave™: Network Analysis And Visibility, ExtraHop helps analysts investigate and stop threats faster, offering significant improvements in time to detect (83%), investigate and resolve threats (87%) (via Forrester).

What security-related issues did your organization desire to address with this solution/service

Adversaries are increasingly finding ways to circumvent traditional cybersecurity controls like firewalls, SIEM, and EDR, hiding in encrypted east-west network traffic; using living-off-the-land techniques; and exploiting devices that organizations can’t put an endpoint agent on.

RevealX, ExtraHop’s NDR platform, harnesses the power of the network, which sees everything, shows everything, and cannot be evaded - leaving attackers nowhere to hide.

RevealX ingests, monitors, and analyzes network data in real-time, giving enterprises unparalleled visibility into all of their east-west, north-south network traffic. When attackers bypass all other security controls, RevealX quickly catches anomalous behaviours that signal early stage attacks like ransomware.

What technologies and/or innovations are applied/deployed in this solution/service?

With 70+ patents, AI is a key technology built into RevealX since day one, generating millions of predictive models specific to customers to detect anomalous and suspicious behaviors as they occur. By applying AI to layers of network telemetry, the platform can quickly identify all devices on the network, and detect, investigate, and respond to threats like double-extortion ransomware.

Against the backdrop of widening threat landscapes, ExtraHop also recently launched a first-of-its-kind AI Search Assistant, accelerating threat hunting for resource-strapped SOC analysts via a generative AI-powered natural language search assistant.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Leading financial institutions in the Asia Pacific region deploy RevealX to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and alert fatigue caused by a widening threat landscape. Because of regulations, multiple networks within the same financial enterprise tend to be isolated from each other, making it difficult to see what is happening, or who is hiding, in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, data centers, and remote sites, so they can catch cyberattacks before it's too late.

ExtraHop also works with leading manufacturers by protecting modernized shop floors with sophisticated OT networks. Modern manufacturers depend on equipment that requires constant connectivity and must avoid any costly downtime that comes as a result of cyber incidents. With visibility across connected, distributed environments and critical systems, RevealX monitors all devices and equipment within a manufacturer’s facilities and is able to isolate equipment issues and vulnerabilities very quickly, limiting downtime.

Anxinsec(AB) Technology Co., Limited Website

Brief description of solution/service

Traditional security measures often fall short in providing comprehensive protection against evolving threats, leaving the government digital assets vulnerable to breaches, data loss, and homeland security threats. Anxinsec Unified Management Platform (UMP), as a next generation Security Operations Center solution with a native Security Orchestration, Automation and Response (SOAR), embraces cutting-edge technologies and novel methodologies to redefine cyber security strategies. Even with these advanced features, it can process up to 30,000 events/logs per second, which is more than 10 times the industry average. The average MMTR (Mean time to respond) has been shortened from one week to 35 minutes.

What security-related issues did your organization desire to address with this solution/service

Anxinsec UMP prioritize long-term sustainability by ensuring that our solution remains robust and adaptive to evolving threats. Continuous research and development efforts enable us to stay ahead of emerging threats and incorporate proactive measures to future-proof our solution. Additionally, our commitment to ongoing support and updates ensures that organizations can rely on our solution for sustained protection against cyber security risks.In research field of AI + SOC, we’re on the way of realize more features of Enhanced Anomaly Detection, Enhanced Predictive Analytics to identify new APT and 0-day attacks, NLP in Threat Hunting and Query Builders and new AI-driven Reporting.

What technologies and/or innovations are applied/deployed in this solution/service?

Anxinsec Unified Management Platform (UMP), embraces cutting-edge technologies and novel methodologies to redefine cyber security strategies. Leveraging advancements in AI, ML and Behavioral Analytics, we offer a proactive defense mechanism integrating over 100 kinds of security products and digital systems from over 30 vendors. By adopting a predictive and adaptive approach, our solution can detect and mitigate threats in real-time, effectively neutralizing potential risks before they escalate with over 3, 000 out-of-box detection rules. Moreover, our unique perspective considers overlooked aspects of cyber security, such as human factors and psychological tactics employed by attackers, to provide a holistic defense strategy.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Government agencies

Yubico Website

Brief description of solution/service

As the inventor of the YubiKey, Yubico makes secure login easy with phishing-resistant MFA. Yubico is setting global standards for secure access to computers, mobile devices, and more, and is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and open authentication standards.

What security-related issues did your organization desire to address with this solution/service

As the inventor of the YubiKey, Yubico makes secure login easy and available for everyone. The company has been a leader in setting global standards for secure access to computers, mobile devices, and more. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and open authentication standards. YubiKeys are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and enterprise applications and services. Yubico has a presence around the globe.

What technologies and/or innovations are applied/deployed in this solution/service?

Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based authentication security at scale. Yubico’s technology enables secure authentication, encryption, and code signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160 countries

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Gojek is Southeast Asia’s leading on-demand, super app provider, connecting individuals with a wide range of services including transport, payments, food delivery, logistics, and more. With more than 5,000 internal employees, Gojek understood the necessity to secure company data, while also delivering a friendly user experience. As a G Suite-based infrastructure, Gojek chose to work with Yubico to deploy YubiKeys for secure authentication. Employees saw a significant reduction (nearly 50%) of the time to authenticate using a YubiKey compared with using a one-time password (OTP) via SMS. Logins were nearly four times faster when comparing the YubiKey to Google Authenticator.

Atlassian is a leading provider of team collaboration and productivity software, with many remote workers in Australia, Netherlands, United States, Japan, India, Philippines and Turkey. Atlassian builds collaboration and productivity software to help teams organize, discuss, and complete shared work. With more than 4,000 employees and many ecosystem partners, YubiKeys are able to address Atlassian’s need to simplify their employee’s authentication experience without sacrificing strong security. Users could follow strong two-factor or multi-factor authentication, all with an intuitive, fast and easy manner. And with strong phishing defense, YubiKeys enabled the workforce to stay protected against sophisticated phishing attacks.

Varonis Website

Brief description of solution/service

Varonis is a leader in data security, helping people and companies protect against cybercriminals and malicious insiders. Our cloud-native Data Security Platform automatically eliminates data exposure and detects active threats. Expert incident responders proactively monitor and respond to incidents so our customers don't have to.

With Varonis, organizations reduce mountains of risk automatically. Our Data Security Platform vastly decreases the likelihood of a data breach. Should an incident occur, any impact will be small because we lock down data, minimize the potential blast radius, and detect the earliest signs of attacks.

What security-related issues did your organization desire to address with this solution/service

Organizations face overwhelming levels of data exposure that grow larger by the second — and cybercriminals are exploiting faster than ever. While we don't know where the next cyberattack will come from, we do know what cybercriminals want — data.

Varonis Data Security Platform delivers automated outcomes by limiting data exposure—and risk—across multi-cloud, SaaS, and on-prem. Varonis is the only data security solution that can intelligently eliminate unnecessary access at scale, helping security teams keep up with the ever-growing risk of data exposure as more data is created and shared.

What technologies and/or innovations are applied/deployed in this solution/service?

We've introduced automated, game-changing features to help customers effortlessly remediate compliance gaps, limit third-party access, automatically fix security issues, and continually remove unnecessary access to Microsoft 365, Google Drive, and others. Our strategic collaboration with Microsoft helps companies safely harness the power of AI with Microsoft Copilot for Microsoft 365.

Our Varonis Threat Labs team of security researchers and data scientists are among the most elite cybersecurity minds in the world, helping our customers use to find and close gaps before attackers can, and all learnings are programmed into our platform to help customers stay ahead of cyberattacks.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Varonis is deployed across industries and both public and private entities including governments and private industries from education to manufacturing and beyond.

Thales Website

Brief description of solution/service

The CipherTrust Data Security Platform integrates data discovery, classification, data protection and unprecedented granular access controls, all with centralized key management.

What security-related issues did your organization desire to address with this solution/service

This solution removes data security complexity, accelerates time to compliance, and secures cloud migration, which results in less resources dedicated to data security operations, ubiquitous compliance controls, and significantly reduced risk across your business

What technologies and/or innovations are applied/deployed in this solution/service?

CDSP centralize key management for both native and third-party encryption security selected by organizations regardless of on-premise infrastructure and/or different cloud service provider.

CDSP also added on CipherTrust Secrets Management (CSM) as an offering within the platform. CSM is a state-of-the-art Secrets Management solution, powered by the Akeyless, which protects and automates access to secrets across DevOps tools and cloud workloads including secrets, credentials, certificates, API keys, and tokens.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

FSI, enterprises and Government sectors across APAC who need to migrate from on-premise to hybrid/multi-cloud in order to take advantage of the agility, and speed to market when they digitized their business and operations or take full advantage of the scalability of the public and still maintain of their sensitive data. An example of this technology being adopted - A highly regulated global energy company with operations in multiple countries needed to protect high-value data across multiple platforms. The organization was concurrently migrating most of its data centers to the cloud. The company had hundreds of Microsoft Azure subscriptions, and each used several key vaults, increasing the complexity for managing keys. The customer wanted a vendor-agnostic solution able to centrally manage and store keys on premises for multi-cloud deployments leveraging the bring your own key (BYOK) model.(https://cpl.thalesgroup.com/resources/encryption/high-value-data-security-case-study) Other Notable case studies: https://cpl.thalesgroup.com/resources/encryption/customer-data-protection-for-indonesian-bank-case-study

Proofpoint Website

Brief description of solution/service

Proofpoint Insider Threat Management (ITM) is a SaaS solution that takes a people-centric approach to protect sensitive data from insider threats and data loss at the endpoint. By combining context across content, behaviour and threats, it provides deep visibility into user activities, helping security teams detect and prevent insider-led data breaches.

What security-related issues did your organization desire to address with this solution/service

The cost of an insider threat incident is the highest it’s ever been with the total annual average cost of insider risk $16.2 million in 2023, up from $15.4 million in 2022. This is exactly why Proofpoint’s ITM was created: to protect against data loss and brand damage involving insiders either acting maliciously, negligently, or unknowingly. With ITM, Proofpoint empowers security teams to reduce insider threat risk and frequency, accelerate insider threat response and increase efficiency of their security operations.

What technologies and/or innovations are applied/deployed in this solution/service?

Proofpoint ITM is built on the microservices-driven Proofpoint Information and Cloud Security platform. It gathers telemetry from endpoints, email and cloud, while webhooks into the platform make it easy for SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools to ingest ITM alerts, so incidents can be identified and triaged faster. It monitors risky users by building watchlists based on criteria like a user’s role and data they interact with. It also considers their vulnerability to phishing and other social engineering factors, taking into account changes in employment status, other human resources and legal factors.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Your World Recruitment is a global staffing organisation that provides high-calibre careers to experienced professionals worldwide and in Singapore. It faced challenges in the recruitment industry due to high turnover and the risk of unauthorised data movement. To address these concerns, they sought a solution to empower their small IT team in detecting and responding to data breaches and risky activities effectively.

They chose Proofpoint's ITM for its user-friendly nature, enabling easy implementation without extensive security training or a large team. The platform efficiently identified threats based on severity, reducing the need for excessive fine-tuning and hands-on alert management.

The recruitment industry's vulnerability to insider threats and data exfiltration due to vast amounts of sensitive candidate and employment data was a concern. Your World Recruitment's five-person IT department struggled to actively monitor insider threats amid various tasks.

Proofpoint's assistance was invaluable in identifying and preventing potential insider threats, such as users attempting fraud through falsified expenses, impersonating candidates to steal money, and sharing credentials leading to data leaks. Utilising Proofpoint significantly bolstered their security measures and mitigated insider threat risks.

Cohesity Website

Brief description of solution/service

Cohesity is a leader in AI-powered data security and management solutions that make it easier for organisations to protect, manage, and get value from data – across the data centre, edge, and cloud. Cohesity helps organisations defend against cybersecurity threats with comprehensive data security and management capabilities, including immutable backup snapshots, AI-based threat detection, monitoring for malicious behaviour, rapid recovery at scale, and extensibility with third-party solutions. Cohesity solutions are delivered as a service, self-managed, or provided by a Cohesity-powered partner. Cohesity, headquartered in the US, is trusted by the world’s largest enterprises, including 47 of the Fortune 100.

What security-related issues did your organization desire to address with this solution/service

With cyberattacks being a ‘when’ not ‘if’ reality, combined with a cyberthreat landscape that grows in sophistication, frequency, and volume, by the minute; cyber resilience is fundamental. Leveraging Cohesity solutions, customers can recover from cyberattacks faster, manage & secure their data, and gain valuable insights with leading AI capabilities. Cohesity Data Cloud helps them protect their data, detect threats through monitoring & scanning, respond to threats by isolating incidents & eliminating threats, recover data at scale, and identify sensitive data assets & potential risks to this data. It is these capabilities that allow customers to become or remain cyber resilient.

What technologies and/or innovations are applied/deployed in this solution/service?

Cohesity provides organisations with AI-powered data security & management capabilities through a single platform - Cohesity Data Cloud - that reduces their attack surface, minimises risk, and provides business insights. This includes being able to protect & secure data, provide data mobility & access, and deliver AI-driven insights. Crucial cyber resilience capabilities provided by deploying Cohesity Data Cloud include: AI-powered conversational search, data backup & recovery, immutable backup snapshots, encryption of data, instant mass file restore, continuous data protection, long term retention, ransomware recovery, threat protection, data classification, AI/ML anomaly threat detection, MFA, role-based access control (RBAC), and Quorum controls.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Cohesity helps numerous organisations around the world, in a wide range of industries, and use cases to enhance their data security, management, and recovery capabilities. In the Asia-Pacific region, this includes some of South East Asia’s biggest banks, mining and energy companies in Australia, schools, healthcare services and hospitals, government services, energy infrastructure companies, legal firms, media & technology companies, and pharmaceutical companies. A good example of a customer we have helped tackle ransomware is Origin Property in Thailand, who had been relying on a legacy solution for data protection and recovery, which they thought had insulated and protected their data. However, this legacy data protection solution proved to fail at preventing or recovering data from a ransomware attempt. Interestingly, Origin had just initiated a proof of concept (PoC) with Cohesity’s Data Cloud platform for backup and recovery, disaster recovery, and ransomware recovery. Through our Cohesity Data Cloud POC deployment they were able to recover quickly and completely within 3 hours, compared to their previous backup window of 20 hours, lower their total cost of ownership for this capability within their IT and Security environment, and they were able to get their data back without having to pay the ransom.

ExtraHop Website

Brief description of solution/service

ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. With customers representing nearly a quarter of the Fortune 100, the RevealX platform is the only Network Detection and Response (NDR) solution that delivers the 360-degree network visibility needed to expose the unknown, uncover more threats, and move at the speed of risk. Named a Leader in The Forrester Wave™: Network Analysis And Visibility, ExtraHop helps analysts investigate and stop threats faster, offering significant improvements in time to detect (83%), investigate and resolve threats (87%) (via Forrester).

What security-related issues did your organization desire to address with this solution/service

Adversaries are increasingly finding ways to circumvent traditional cybersecurity controls like firewalls, SIEM, and EDR, hiding in encrypted east-west network traffic; using living-off-the-land techniques; and exploiting devices that organizations can’t put an endpoint agent on.

RevealX, ExtraHop’s NDR platform, harnesses the power of the network, which sees everything, shows everything, and cannot be evaded - leaving attackers nowhere to hide.

RevealX ingests, monitors, and analyzes network data in real-time, giving enterprises unparalleled visibility into all of their east-west, north-south network traffic. When attackers bypass all other security controls, RevealX quickly catches anomalous behaviours that signal early stage attacks like ransomware.

What technologies and/or innovations are applied/deployed in this solution/service?

With 70+ patents, AI is a key technology built into RevealX since day one, generating millions of predictive models specific to customers to detect anomalous and suspicious behaviors as they occur. By applying AI to layers of network telemetry, the platform can quickly identify all devices on the network, and detect, investigate, and respond to threats like double-extortion ransomware.

Against the backdrop of widening threat landscapes, ExtraHop also recently launched a first-of-its-kind AI Search Assistant, accelerating threat hunting for resource-strapped SOC analysts via a generative AI-powered natural language search assistant.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Leading financial institutions in the Asia Pacific region deploy RevealX to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and alert fatigue caused by a widening threat landscape. Because of regulations, multiple networks within the same financial enterprise tend to be isolated from each other, making it difficult to see what is happening, or who is hiding, in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, data centers, and remote sites, so they can catch cyberattacks before it's too late.

ExtraHop also works with leading manufacturers by protecting modernized shop floors with sophisticated OT networks. Modern manufacturers depend on equipment that requires constant connectivity and must avoid any costly downtime that comes as a result of cyber incidents. With visibility across connected, distributed environments and critical systems, RevealX monitors all devices and equipment within a manufacturer’s facilities and is able to isolate equipment issues and vulnerabilities very quickly, limiting downtime.

Rubrik Website

Brief description of solution/service

Rubrik Security Cloud, powered by machine learning, is a SaaS platform that delivers data protection and cyber resilience in a single platform. It enables enterprises to keep data secure, monitor data risk – across enterprise, cloud, and SaaS applications. Rubrik offers many data protection and security solutions with air-gapped, immutable, access-controlled backups. Organizations are empowered to uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked. The platform features automated data discovery, classification, and protection to meet compliance and governance standards.

What security-related issues did your organization desire to address with this solution/service

Bad actors are increasingly targeting backup data. Infrastructure security tools are insufficient as legacy backup tools are vulnerable when cyberattackers take down data. Rubrik addresses key security issues such as ransomware protection with immutable backups and rapid recovery, data loss prevention through automated backups and encryption, and regulatory compliance via retention policies and detailed audit trails. It enhances data privacy with robust access controls and sensitive data discovery, supports disaster recovery across hybrid and multi-cloud environments, and ensures operational resilience with a zero trust architecture. These features collectively improve data security, ensure business continuity, and help meet regulatory requirements.

What technologies and/or innovations are applied/deployed in this solution/service?

Machine Learning: Rubrik Security Cloud is governed by machine learning. An organization’s backup data is rich with information including metadata, hashes and other attributes - Rubrik Security Cloud can feed this information into a machine learning pipeline that forms intelligent insights that streamline the ransomware recovery decision-making process. In addition, organisations can detect anomalies and determine scope of cyberattack using ML to actively monitor and generate alerts for suspicious activity.

Zero trust by design with the native immutability, secure protocols, logical air gap, encryption, role-based access controls, MFA, and native services – all to uphold data integrity and availablility.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Our customers span all verticals. All public customers: https://www.rubrik.com/customers/all-customers?tagFilters0=rubrik%253Aregion%252Fapac Some of our publicly referenceable APAC customers include:

Critical Infrastructure – (Malaysia) PLUS Malaysia Berhad
BFSI: (Indonesia) BFI Finance
Utilities: (Australia) ERM Power
Technology: (Japan) COMTEC
Government: (Australia) Redland City Council

Nexusguard Website

Brief description of solution/service

Nexusguard’s Managed DDoS Mitigation Service integrates innovative and proprietary technologies, security and service expertise as well as processes honed over fourteen years in the cybersecurity industry. With Nexusguard, CSPs can offer DDoS protection solutions as a service, move up the cybersecurity value chain and gain access to additional sales pipelines.

What security-related issues did your organization desire to address with this solution/service

Nexusguard’s AI-driven Smart Mode solution leverages big data analytics, implementing Machine Learning technology to track changes against traffic baselines autonomously and detect unusual patterns that might indicate the presence of a potential threat. Compared to traditional threshold-based detection methods, Nexusguard’s Smart Mode is capable of identifying malicious attack patterns from high volumes of traffic data with improved precision, making it an ideal solution for protecting CSP networks and infrastructures against the threat of advanced attacks such as Bit-and-Piece attacks, Black Storm attacks and potential Zero-day attacks.

What technologies and/or innovations are applied/deployed in this solution/service?

Automated, Intelligent Detection & Mitigation Upon detecting malicious attempts, Nexusguard’s mitigation platform generates alarms and initiates the process according to a filter-based security profile built and fine-tuned using deep learning technologies to detect threats. Malicious attempts are headed off before reaching customer networks or applications. Granular Visibility & Control Designed for multi-tenant environments, Nexusguard Portal is a premier traffic visibility, management and reporting system built to meet the diverse needs of modern networks. Nexusguard Portal combines network visibility, powerful tools and educational resources to create a cost-effective, “single-pane-of-glass” platform for managing DDoS detection and mitigation policies and obtaining actionable intelligence.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Through Nexusguard’s comprehensive DDoS protection solution with 99% uptime guarantee, Malaysia’s PPT Telecommunications (PPTEL) was able to help fully secure Sarawak government agency networks as well as networks of public organizations. The deployment of our versatile MX7000 delivered fully scalable and highly customizable protection against evolving DDoS attacks, well exceeding Sarawak’s strict compliance requirements, transforming PPTEL into a managed security service provider (MSSP) with the capability of protecting its customers against all forms of cyber threats.

Viettel Security Website

Brief description of solution/service

Viettel Anti DDoS Solution detects and mitigates DDoS Attacks to protect our customer’s infrastructure, ensuring service stability and preventing downtime. Utilizing advanced technologies like deep packet inspection, machine learning, and BGP Flowspec, we can detect attacks in under a minute and mitigate them simultaneously while sending alerts to customers. By leveraging our powerful ISP network infrastructure, Viettel can handle and mitigate nearly all DDoS attacks, even those exceeding hundreds of gigabits per second. Additionally, the entire process (detection, mitigation, and alert sending) is automated. Each process triggers notification SMS and emails to the operation team and customers

What security-related issues did your organization desire to address with this solution/service

Vietnam has experienced a significant increase in volumetric DDoS attacks. Some attacks have reached peak bitrates (Gbps) exceeding 600 and peak packet rates (Mpps) surpassing 100. These attacks aim to overwhelm network resources by saturating the network links of companies. They target network devices such as firewalls and load balancers, ultimately disrupting services and negatively impacting user experience, leading to substantial financial losses. Unlike vendor-specific solutions, our Viettel Anti-DDoS Solution can be implemented on any ISP infrastructure, reduces the costly investments typically associated with integration and deployment, effectively detects and mitigates DDoS attacks, safeguarding your network and ensuring business continuity.

What technologies and/or innovations are applied/deployed in this solution/service?

As the biggest ISP here in Vietnam, we have utilized large Netflow traffic combining with Machine learning and Profiling to automatically analyze, detect and mitigate attacks in less than a minute.
Applying BGP Flowspec and Remote Trigger Blackhole to enhance the scrubbing ability by turning each edge router in the ISP network into a DDoS traffic scrubbing center, therefore can mitigate attacks reaching hundreds of Gbps.
Anycast technique is applied to help load balancing traffic between Scrubbing Center throughout the country, along with DPI technology assuring precision in filtering and blocking DDoS attacks.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Our Anti-DDoS solution extends beyond Vietnam, serving a total of five ISPs in Southeast Asia and Africa: Metfone (Cambodia), Unitel (Laos), Mytel (Myanmar), and Movitel (Mozambique). These ISPs hold the largest market shares in their respective countries' telecom industries. Our solution safeguards the telecommunication infrastructure and protects approximately 80 million users across these ISPs from DDoS attacks. Since 2017, our DDoS protection has been deployed on the Viettel ISP network, Vietnam's largest with hundreds of millions of users. This massive network exchanges traffic globally with other ISPs, reaching peak capacities of up to 10 Tbps. Our solution has successfully detected and mitigated real-time DDoS attacks, safeguarding Viettel's entire infrastructure and customer base. This ensures uninterrupted service quality and a seamless user experience. Our solutions and services effectively protect over 1,000 companies and organizations in security-sensitive sectors like finance, banking, insurance, and government. As a result, these organizations benefit from 24/7 protection against DDoS attacks, ensuring the uninterrupted operation of their critical business activities.

Viettel Security Website

Brief description of solution/service

The Viettel Endpoint Detection & Response (VCS-aJiant) stands out as an extensive solution for detecting, investigating, and responding to threats within hybrid deployments across South East Asia. Notably, VCS-aJiant represents a significant advancement as it is the inaugural technology solution in Vietnam to offer a proactive approach encompassing complete capabilities for endpoint protection, detection, and response within a unified platform.

What security-related issues did your organization desire to address with this solution/service

The VCS-aJiant product aims to address various security-related issues, including threat detection, incident investigation, rapid response, endpoint protection, compliance, and visibility/control over endpoint activities. VCS-aJiant incorporates comprehensive Threat Feeds sourced from Viettel's Threat Intelligence platform and regularly refreshes data from our exclusive channels, leveraging the expansive network of the largest ISP in South East Asia. Furthermore, our team of Threat Hunting specialists, acknowledged as leading global white-hat hackers, consistently provides the latest intelligence updates for VCS-aJiant.

What technologies and/or innovations are applied/deployed in this solution/service?

The VCS-aJiant product aims to address various security-related issues, including threat detection, incident investigation, rapid response, endpoint protection, compliance, and visibility/control over endpoint activities. VCS-aJiant incorporates comprehensive Threat Feeds sourced from Viettel's Threat Intelligence platform and regularly refreshes data from our exclusive channels, leveraging the expansive network of the largest ISP in South East Asia. Furthermore, our team of Threat Hunting specialists, acknowledged as leading global white-hat hackers, consistently provides the latest intelligence updates for VCS-aJiant.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Our solution has successfully served numerous customers across various industries and countries, including Laos, Myanmar, Cambodia, Peru, Philippines and many others. VCS-aJiant has played a crucial role in safeguarding X Corporation, a technology company with over 30,000 endpoints, by monitoring, detecting, preventing, and managing numerous APT attacks on critical systems. It has identified various sophisticated attack techniques like Persistence, Privileged Escalation, and Initial Access, promptly alerting the SOC operation team. Leveraging VCS-aJiant's toolkits and features, the SOC team conducted thorough investigations and responded promptly to incidents. Since 2018, VCS-aJiant has been instrumental in proactively identifying and preventing attacks across multiple countries, mitigating potential damages from cyber threats for X Corporation. * The name of our customer was hiden due to confidential reason

BlueVoyant Website

Brief description of solution/service

BlueVoyant’s Managed Detection & Response (MDR) combines clients' existing security products with advanced technology and human-led expertise from its global Security Operations Center (SOC), which monitors clients’ networks 24x7. Clients have a cloud-based security solution that illuminates, validates, and quickly mitigates today’s internal and external threats. BlueVoyant combines extended detection and response (XDR) and security information and event management (SIEM) monitoring and management to detect and respond to security threats across a wide variety of data sources before they cause harm to the business.

What security-related issues did your organization desire to address with this solution/service

Many enterprises struggle with their cyber defence posture due to the need to manage a large number of tools in their security stack. Organisations are looking for an MDR solution that allows them to be closer to their own security data so that when a SOC Analyst, Threat Hunter, or Content Engineer needs to access data, they can work with their data directly, and not be intermediated by an MDR provider’s portal.

BlueVoyant’s evolved approach to MDR applies our data science and security expertise to help clients collect, normalise, rationalise, and access their own data, within their own tools.

What technologies and/or innovations are applied/deployed in this solution/service?

Supply Chain Defense - A solution for holistic third-party cyber risk management needs. BlueVoyant’s end-to-end solution features expert curated risk monitoring and directed remediation. Additional capabilities include a highly customizable questionnaire management platform, multiple levels of continuous monitoring for different tiers of vendors, and point-in-time vendor risk assessments to support procurement and M&A decisions.
DRP: Scan and Protect - BlueVoyant identifies and validates threats targeting the organization, providing actionable countermeasures to eliminate threats to your brand, employees, and customers. Our solution equips your team with visibility beyond the perimeter, continuously monitoring exclusive threat data sources.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Trusted by more than 900 clients in 40-plus countries worldwide, BlueVoyant’s presence in APJ continues to grow following the company’s expansion in APJ in 2022, offering comprehensive cyber risk protection to organisations in diverse sectors.

A current BlueVoyant customer is SGX-listed Seatrium, a global player with deep engineering expertise in the offshore, marine and energy industries.

Poh Leng Wee, Chief Information Security Officer, Seatrium: “Seatrium enhances its cyber defense by integrating BlueVoyant's MDR solution, which combines human expertise with automation and AI technology. This strategic alliance provides access to advanced platforms and seasoned security experts, utilizing AI to accelerate threat detection and response. The adoption of this AI-augmented MDR solution not only streamlines our security operations but also strengthens stakeholder confidence in our resilient and proactive security posture.”

Yubico Website

Brief description of solution/service

As the inventor of the YubiKey, Yubico makes secure login easy with phishing-resistant MFA. Yubico is setting global standards for secure access to computers, mobile devices, and more, and is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and open authentication standards.

What security-related issues did your organization desire to address with this solution/service

As the inventor of the YubiKey, Yubico makes secure login easy and available for everyone. The company has been a leader in setting global standards for secure access to computers, mobile devices, and more. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and open authentication standards. YubiKeys are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and enterprise applications and services. Yubico has a presence around the globe.

What technologies and/or innovations are applied/deployed in this solution/service?

Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based authentication security at scale. Yubico’s technology enables secure authentication, encryption, and code signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160 countries

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Gojek is Southeast Asia’s leading on-demand, super app provider, connecting individuals with a wide range of services including transport, payments, food delivery, logistics, and more. With more than 5,000 internal employees, Gojek understood the necessity to secure company data, while also delivering a friendly user experience. As a G Suite-based infrastructure, Gojek chose to work with Yubico to deploy YubiKeys for secure authentication. Employees saw a significant reduction (nearly 50%) of the time to authenticate using a YubiKey compared with using a one-time password (OTP) via SMS. Logins were nearly four times faster when comparing the YubiKey to Google Authenticator.

Atlassian is a leading provider of team collaboration and productivity software, with many remote workers in Australia, Netherlands, United States, Japan, India, Philippines and Turkey. Atlassian builds collaboration and productivity software to help teams organize, discuss, and complete shared work. With more than 4,000 employees and many ecosystem partners, YubiKeys are able to address Atlassian’s need to simplify their employee’s authentication experience without sacrificing strong security. Users could follow strong two-factor or multi-factor authentication, all with an intuitive, fast and easy manner. And with strong phishing defense, YubiKeys enabled the workforce to stay protected against sophisticated phishing attacks.

Keeper Security Website

Brief description of solution/service

Keeper Enterprise Password Manager acts as the first line of defence against identity breaches — protecting access to applications, systems, secrets and IT resources with a zero-trust and zero-knowledge architecture that is quick to deploy and easy to use. This security architecture is unmatched in safeguarding information and mitigating the risk of a data breach, as it combines device-level, elliptic curve cryptography with multiple layers of encryption, multi-factor and biometric authentication, and FIPS-140-2 validated AES 256-bit encryption plus PBKDF2 to protect organisations and its employees. With full visibility, control and compliance, security teams can be confident in their organisation’s security.

What security-related issues did your organization desire to address with this solution/service

Keeper’s zero-trust and zero-knowledge Enterprise Password Manager provides organisations with total visibility and control over employee password practices, enabling them to successfully defend against the most common attacks. IT administrators can secure, monitor and control passwords and infrastructure secrets across the organisation, and set up and enforce RBAC, MFA and least-privilege access. This helps thousands of companies all over the world meet their business goals, prevent password-related data breaches, improve productivity, and enforce compliance with industry-leading features. This solution simplifies and strengthens compliance while achieving organisation-wide clarity and control with event logging, management, reporting and auditing.

What technologies and/or innovations are applied/deployed in this solution/service?

Encrypted end-user vaults
Password and passkey storage, management, sharing and autofill
KeeperFill® browser extension powered by KeeperAITM
Web, desktop and mobile apps
Dark web monitoring with BreachWatch
Intuitive Admin Console
Seamless provisioning and integrations
Single Sign-On (SSO) Integration
Role-Based Access Controls (RBAC)
FIPS 256-bit encryption
User training, onboarding and world-class support
User training, onboarding and world-class support
Works out-of-the-box with identity, MFA, IGA, HSM and SIEM solutions
Patented integration with Single Sign-On (SAML 2.0) solutions and SCIM provisioning

- Zero-trust and zero-knowledge security architecture

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Manufacturing: https://www.keepersecurity.com/ja_JP/resources/cosmetics-company-case-study/
IT Service/Research: https://cancerscan.jp/
Food Industry: https://marusan-shokuhin.com/ , https://www.yaoko-net.com/
Software: https://www.yayoi-kk.co.jp/ , https://hennge.com/jp/
Entertainment/Gaming: https://www.jp.square-enix.com/
Broadcasting/Publishing: https://www.poplar.co.jp/

Green Radar Website

Brief description of solution/service

grMail provides customers with much-needed email security services. With around-the-clock monitoring and deep email analysis with threat hunting, the service ensures the customer with maximum email protection against target phishing attacks.

Green Radar provides cloud-based Security as a Service, an all-in-one and affordable solution for enterprises of any size to enjoy first-class email security solutions without having their own infrastructure or heavily investment in developing, maintaining and creating those security tools, saving upfront costs for hardware as well as continuing costs for software licenses.

What security-related issues did your organization desire to address with this solution/service

Green Radar grMail focuses on providing affordable and high-quality services for SMEs in Hong Kong. We prioritize the needs of our customers, ensuring a seamless user experience at a competitive price.

Phishing emails remain one of the top three cyber attacks globally. SMEs are lacking of IT security experts, are particularly vulnerable to these scams. Due to limited budgets, SMEs often struggle to hire security experts or establish 24x7 monitoring Security Operations Centers (SOCs). Additionally, SMEs face challenges in formulating an effective response when a security incident occurs.

What technologies and/or innovations are applied/deployed in this solution/service?

Green Radar are actively working on enhancing our email security solution through key improvements. These enhancements will target areas such as reducing scanning time, implementing a flexible policy framework, and enhancing reporting capabilities.

A primary focus of our improvement efforts is to minimize security scanning time. We plan to achieve this by optimizing scanning performance and eliminating redundant scans. Streamlining the scanning process will result in faster and more efficient email processing, enhancing both the user experience and overall system performance.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Not Applicable

Netpluz Asia Website

Brief description of solution/service

Next generation 24x7x365 Security Operation Centre (SOC) with an experienced team spanning across Singapore, Malaysia and Philippines, HK and Thailand to deliver monitoring & detection, security incident response, exposure & validation and threat identification. We can monitor a variety of devices/infrastructure on both cloud and on-premises, ingesting security logs through >500 existing and custom-built connectors. Our service including monitoring and incident response to cyber threats. Under the offering, we deliver vulnerability assessment and penetration testing (VAPT) services, continuous threat and exposure management (CTEM) including threat and darknet intelligence. The coverage is comprehensive from inside-out to outside-in monitoring, detection and response.

What security-related issues did your organization desire to address with this solution/service

We seek to help organization balance between security, productivity, and cost. Currently, organization are overwhelmed with various cyber security offering in the market and face challenges in managing the silo solutions. They are finding ways to enhance their cyber security capabilities but lacking expertise and resource. With our professional, reliable, and cost-effective services, we aim to help augment the organization cyber security services allowing them to manage their cyber security risk, address the increasing cyber threats and cost of compliance. We serve as a clients’ trusted advisor to improve their cyber security maturity over time.

What technologies and/or innovations are applied/deployed in this solution/service?

We used a combination of a few cutting-edge technologies and streamlined processes to deliver the services. One of our key solution leverages on the power of the Extended Detection and Response (XDR) solution. Stellar Cyber Open XDR includes NexGen-SIEM, TIP, UEBA, NDR, SOAR, and more, under a single license, providing the critical security capabilities our team needs. It’s works with existing tools and has intelligence (in the form of alerts and auto-correlation) built-in, and to consolidate capabilities where possible. We supplement this with threat and dark net intelligence as well as exposure management to provide a complete offering.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Netpluz implemented the MSOC services for the FMCG to provide near real-time analytics, detection and response capabilities. We have been providing these services to them more than a year since May 2023.. We started off with a consultative approach to understand business needs and align cyber security with business requirements. Netpluz then offered managed cyber security services across the silo-ed solutions. We delivered our 24x7 active managed cyber security and threat monitoring services.

The company gained several key benefits after collaborating with Netpluz for their cybersecurity needs. Importantly it provides them a holistic view of their environment for threats and anomalies as compared to the past where their view were restricted to end points and servers. With their investment in cybersecurity, this provided confidence to customers and investors their commitment to be cyber secure. Internal IT team had additional time and resource to prioritize supporting their users and the business operation. Having demonstrated Netpluz SOC capabilities to the client, they were convinced that Netpluz SOC services is the right fit for their business needs.

NEC Asia Pacific Pte Ltd Website

Brief description of solution/service

NEC Asia Pacific Pte Ltd offers comprehensive managed cybersecurity services to protect companies’ digital assets and infrastructure. Our solutions include advanced threat detection, continuous monitoring, incident response, and vulnerability management.

Our Advance Response Centre provides 24/7 X 365 Days Managed Cybersecurity Services, monitors and safeguards your systems, providing real-time threat detection and response. We collaborate and partner industry-leading technology to help organizations strengthen their cybersecurity posture and build resilience against cyberattacks.

What security-related issues did your organization desire to address with this solution/service

We provide 24/7 advance monitoring and threat detection, protect organizations from malicious attacks. We help organizations to be more aware of cyber threats where we provide professional cybersecurity training to increase employee’s awareness , close security gaps and be more proactive against cyber threats.

What technologies and/or innovations are applied/deployed in this solution/service?

Our services employ advanced technologies and innovations, including Next-Gen Security Information and Event Management (SIEM) for centralized monitoring, alerting, and analysis of security events. It integrates with Endpoint Detection and Response (EDR) for real-time endpoint activity visibility and rapid response, and leverages network analytics for proactive problem detection, healing, and notifications. Additionally, it supports Hybrid Cloud security monitoring and includes Threat Visibility & Intelligence, API Security, and DevSecOps to enhance security compliance and overall user experience. These technologies collectively improve cybersecurity posture, reduce risks, and protect sensitive data and digital assets.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Due to privacy and confidentiality reasons, we cannot disclose the specific customers. However, we have been providing managed services, including cybersecurity services, to various government and public sector clients.

Additionally, we support Kajima Corporation, a global construction and real estate development company based in Japan with subsidiaries worldwide. To assist Kajima in securing their digital transformation efforts, NEC was engaged to identify security gaps and implement centralized monitoring for more effective and prompt responses to cyber threats.

Furthermore, we provide cybersecurity support to a Manufacturing company, covering 21 locations across Indonesia. NEC Asia Pacific remains dedicated to providing comprehensive managed security solutions, empowering businesses of all sizes and sectors to thrive in today's ever-evolving cyber threat landscape.

Please refer to the URL for reference: https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_neckajima-case-study-activity-7195988703926763520-lxy4/?utm_source=share&utm_medium=member_desktop

https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_nec-cyber-defence-services-activity-7086902403391721472-quZl/?utm_source=share&utm_medium=member_desktop

https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_soc-noc-activity-7169262632259059713-ubHA/?utm_source=share&utm_medium=member_desktop

https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_managedservices-activity-7188475799954460674-xc4q/?utm_source=share&utm_medium=member_desktop

https://www.nec.com/en/global/office/index.html#anc-region4

Vectra Website

Brief description of solution/service

Vectra Managed Extended Detection and Response (MXDR) services launched in February this year is the industry's first global, 24x7 open MXDR service built to defend against hybrid attacks. This comprehensive offering eliminates silos to provide hybrid attack surface visibility across identity, public cloud, SaaS, data center and cloud networks and endpoints via integrations with leading EDR vendors. Vectra MXDR helps over-stretched SOC teams, especially analysts operating across hybrid environments where there’s an increased visibility gap for attackers to expose.

What security-related issues did your organization desire to address with this solution/service

SOC team burnout: Recent research indicates SOC teams spend nearly 4 hours daily on manual alert triage, resulting in excessive workload, burnout, and high turnover. As teams grapple with this, attackers continue to exploit complexity, latency, and noise to move laterally, progress attacks, and exfiltrate data undetected.

Hybrid attacks: Hybrid attacks are on the rise with the proliferation of GenAI tools i.e. Microsoft Copilot further increasing the speed and scale of attacks. This has rendered legacy threat detection and response solutions ineffective at defense, heightening the need for threat detection coverage across the expanding hybrid attack surface.

What technologies and/or innovations are applied/deployed in this solution/service?

Vectra AI’s Attack Signal Intelligence™ powers the Vectra AI Platform with AI-driven detection, triage and prioritization so security teams can move at the speed and scale of hybrid attacks. Vectra MXDR analysts deliver 24/7/365 investigative, response and platform optimization expertise. By adding human intelligence from our analyst team to the power of the Vectra AI Platform, security teams gain further support with around-the-clock outcomes.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Vectra AI has deployments across all industry verticals – from Finance, Manufacturing, Software, Critical Infrastructure and Telco – which we have significant market share. A Logistics customer and a global leader in Solar Innovation – both based in ASEAN – use Vectra AI Managed Detection and Response (MDR) services to augment their security operations, giving them complete visibility and context for how an attack progresses through the cyber kill chain – ultimately stopping them from becoming breaches. MDR also provides skilled analyst reinforcements for 24x7x7365 coverage, reducing the workloads of their security teams.

Singtel Website

Brief description of solution/service

As Asia’s leading communications technology group, Singtel offers secure networking with telco-grade security covering risk-based threat analytics, advanced tech, and architecture management. Its managed services expertise and multi-layered security approach ensures data integrity and confidentiality through its network-centric security capabilities such as secure networking, cloud security, 5G, IoT, Quantum-safe Network, telco APIs solutions for fraud prevention and cyber resilience programmes.

Singtel Managed Threat Detection (MTD) combines leading Cyber Threat Intelligence with proprietary analysis for proactive security. With advanced analytics and next-gen SOC powered by automation, Singtel offers end-to-end services, proactive threat hunting, and enhanced Managed Security Service Provider (MSSP) capabilities.

What security-related issues did your organization desire to address with this solution/service

Singtel MTD addresses critical security issues by proactively monitoring networks and systems for threats. It detects Advanced Persistent Threats (APTs), malware, and ransomware, while also identifying insider threats through user behavior analysis. Using advanced techniques like threat intelligence and machine learning to recognise zero-day exploits and emerging threats, Singtel MTD prevents data breaches and loss, ensuring compliance with regulations. It also mitigates Denial of Service (DoS) attacks by monitoring traffic patterns and implementing countermeasures. Singtel helps organisations enhance their security posture by detecting, responding to, and mitigating diverse cyber threats for organisations, bolstering their overall resilience.

What technologies and/or innovations are applied/deployed in this solution/service?

Leveraging cutting-edge technologies such as Artificial Intelligence and automation, Singtel MTD incorporates deep machine learning and customised behavioral analytics into a unified service, enabling rapid and precise threat detection, which is crucial for shielding against advanced threats and reducing attack surfaces. Singtel MTD is reinforced by an elite cybersecurity team comprising world-class specialists adept in penetration testing, incident readiness, data breach forensic investigations, and pioneering security research. Their expertise ensures fast and visible threat detection, empowering organisations to identify new risks swiftly, respond effectively to incidents, and expedite recovery efforts.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Singtel enhances traditional MSSP capabilities by improving device management and log collection functions, enabling organisations to embrace proactive security measures like endpoint detection and response, and threat hunting. Across industries, particularly in transportation and enterprise services, Singtel addresses various cyber security challenges.

Organisations in these industries face stringent regulatory requirements and industry standards concerning cyber security and data protection. Singtel aids with compliance, including with the Singapore Personal Data Protection Act (PDPA) and ISO/IEC 27001, by identifying and addressing security risks to avert regulatory violations and associated penalties.

For industries managing sensitive data, Singtel continuously monitors network traffic and systems to detect and respond to potential breaches in real-time. Singtel employs behavioral analysis and machine learning to combat ransomware attacks and mitigate their impact promptly, averting operational disruptions and financial losses.

Additionally, Singtel assists industries with complex supply chains by identifying and mitigating risks associated with third-party suppliers through monitoring activities and assessing security postures. With rising adoption of IoT devices, Singtel helps identify and mitigate associated vulnerabilities by monitoring device behavior, addressing the expanded attack surface effectively.

Overall, Singtel provides comprehensive visibility into cybersecurity postures, empowering organisations with real-time insights for informed decisions on risk mitigation and resource allocation

New Relic Website

Brief description of solution/service

The New Relic all-in-one observability platform helps organisations secure software applications with less toil by providing a comprehensive approach to vulnerability management. New Relic Vulnerability Management provides continuous runtime software composition analysis (SCA) and vulnerability assessment prioritisation, with no additional configuration when using supported New Relic APM agents. It instantly detects common vulnerabilities and exposures (CVEs) from the U.S. Department of Commerce National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) across supported application dependencies.

What security-related issues did your organization desire to address with this solution/service

Applications today are often composed of thousands of components, each with the potential to carry critical security vulnerabilities that can increase the risk of IP theft, data loss, monetary loss, reputational damage, and more. Mitigating security threats is now an enterprise priority, as is having a security mindset across the development pipeline. To help address this new shared responsibility between DevOps and Security teams (DevSecOps), New Relic Vulnerability Management enables teams to see performance and availability issues in one connected experience and allows all teams to quickly assess the most urgent vulnerabilities while addressing exposure with guidelines for remediation.

What technologies and/or innovations are applied/deployed in this solution/service?

New Relic AI monitoring is the industry’s first APM solution that provides end-to-end visibility for any AI-powered application. New Relic AI monitoring provides engineers unprecedented visibility and insights across the entire AI stack so they can build and run safe, secure, and responsible AI applications with confidence.

New Relic Interactive Application Security Testing (IAST) automates the process of finding code paths that are likely to be exploited.

New Relic offers a unified security view across the stack and software lifecycle with the ability to add security data through an open ecosystem of built-in quickstarts and New Relic security APIs.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Indonesia-based health-tech platform Halodoc connects millions of patients with healthcare providers on a single platform. A cloud-native business, Halodoc adopted New Relic over six years ago to provide better platform performance.

With end-to-end visibility via dashboards and distributed tracing, Halodoc has been able to track its performance against KPIs, while consolidating and optimising its infrastructure usage. Real-time and historic insights allow for the periodic analysis of past performance, load, and throughput to understand current and future capacity needs.

New Relic has helped Halodoc achieve a 40% improvement in app performance alongside 20% in savings on infrastructure and associated server costs, in conjunction with the introduction of the AWS Graviton2 processors which are running 90% of its production workloads.

By having all the necessary information about its systems in one place, the Halodoc team is delivering a consistent experience to its customers while embracing a culture of developer productivity, accountability and ownership.

Gigamon Website

Brief description of solution/service

Gigamon Deep Observability Pipeline revolutionizes network visibility, transforming raw network data into actionable insights across cloud and hybrid cloud infrastructure. Delivering real-time network intelligence to cloud, security, and observability tools, surpassing traditional observability methods, eliminating blind spots and reducing tool costs for securing complex environments. It enables proactive security by pinpointing threats, mitigating risk exposure and expediting troubleshooting. This comprehensive approach empowers IT organizations to effectively manage and secure hybrid cloud environments.

The Deep Observability Pipeline is not just a solution; it’s a strategic asset that drives business intelligence, operational efficiency, cybersecurity and a competitive edge in the digital landscape.

What security-related issues did your organization desire to address with this solution/service

Gigamon’s Hybrid Cloud Security Survey revealed that security leaders are facing significant challenges, including unexpected blind spots (56%), legislation (34%) and attack complexity (32%). Gigamon Deep Observability Pipeline addresses blind spots by enabling visibility into encrypted cloud traffic, eliminating blind spots concealing threats, capturing traffic before/after encryption, and providing network intelligence that reveals hidden threats like lateral movement and malware across virtual, cloud, and container environments. It provides comprehensive visibility and intelligent analysis to quickly detect and respond to sophisticated multi-vector attacks enhancing ransomware protection, boosting security posture, reducing risk, and ensuring regulatory compliance to drive business resilience and continuity.

What technologies and/or innovations are applied/deployed in this solution/service?

Gigamon Precryption™ technology is a breakthrough approach to eliminating the biggest blind spot in modern hybrid cloud infrastructure: threat actor lateral activity concealed within encrypted communications. Leveraging eBPF technology inside the Linux kernel to deliver plaintext visibility for encrypted traffic, it works with modern encryption methods, TLS 1.3 or TLS 1.2 with perfect PFS enabled and legacy encryption methods, including TLS 1.2 without PFS. Once unencrypted data is extracted, it transforms raw communication data into flow-level metadata records to reduce false positives, help identify nefarious activity like port spoofing, and accelerate threat detection through proactive, real-time monitoring versus reactive forensics

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Gigamon finds widespread deployment across the Asia-Pacific (APAC) region, serving various organizations and industries. Large enterprises with intricate networks utilize the solution to efficiently monitor and manage network traffic, ensuring optimal performance and security. Government agencies across Singapore, Australia, Taiwan, Southeast Asia, such as the National Cyber and Crypto Agency (BSSN) of Indonesia, leverage Gigamon to bolster their cybersecurity defences and secure and manage hybrid cloud infrastructure.

Telecommunications service providers across Southeast Asia, such as PLDT, and other major Tier-1 servicers providers in Singapore, Malaysia, Thailand, and the Philippines, as well as Australia, Japan and Korea, rely on Gigamon for real-time insights into network performance, leading to better service delivery and customer satisfaction and security.

Educational institutions, such as ANU, and other institutes of higher learning across the region benefit from streamlined network resource management and enhanced protection against cyber threats. Additionally, industries like finance and healthcare embrace the Gigamon solution to comply with stringent regulations and safeguard data integrity and confidentiality. Across diverse sectors in APAC, Gigamon proves instrumental in achieving comprehensive network visibility, robust security, and streamlined operations.

Kaspersky Website

Brief description of solution/service

Kaspersky IoT Infrastructure Security is a range of Cyber Immune gateways based on Kaspersky OS for building reliable and functional IoT systems. These gateways play a key role in creating end-to-end services for enterprise digital transformation and works in tandem with Kaspersky Security Centre, a platform for the centralized management of all gateway events.

What security-related issues did your organization desire to address with this solution/service

It seeks to address four areas:

Infrastructure reliability – Infrastructure and data protection on the gateway level
Transition to Industry 4.0 – Assistance with digital transformation and building end-to-end services for on-premises and cloud analytics
Cloud Integration – Support for proven cloud storage and processing platforms
Data flow transparency – One-way data transmission through KISG 100, centralized monitoring of all KISG 1000 events

Kaspersky enables the building of end-to-end services with cloud-based analytics applications, collects more information from equipment than traditional control systems, performs critical functions even in hostile environments and protects data from being compromised.

What technologies and/or innovations are applied/deployed in this solution/service?

Kaspersky's product is built on Siemens SIMATIC IOT2040 or Advantech UTX-3117 hardware, enabling secure data collection and transfer from industrial equipment to cloud platforms through the OPC UA protocol. Designed for digital transformation in industrial companies, it includes a gateway with data protection and monitoring features, based on Advantech UTX-3117 and using MQTT over TLS. Kaspersky Security Centre serves as a centralized platform for configuring and monitoring gateway events. Together, the two products safeguard IoT infrastructures at the gateway level, providing unified monitoring and event management through a single console.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government Agencies, Telecommunications, Industrial and Healthcare. This aggregates data collected via different protocols (Zigbee, LoRa, Modbus, CanBus, PROFINET, OPC UA, etc.), and converts it for transmission over cellular networks and Ethernet (MQTT, CoAP, AMQP, XMPP). In addition, it not only collects, checks and distributes telemetry, but also transmits control commands received via MQTT to devices. The system performs security functions, such as device detection and classification, logging security events in IoT systems and protection from network attacks (IDS/IPS).

The product can be used as a security gateway — a specialized border network solution for protection of IoT and IoT infrastructure from threat attacks. In addition, it is possible to configure it for specific needs, as well as the inclusion of new functions from partner products.

TXOne Networks Website

Brief description of solution/service

TXOne Network’s portfolio of operational technology (OT) security solutions aims to secure industrial networks while also keeping the devices running. The products span from device- level security to more of an overarching view and control over industrial processes, with its most recent launch—Cyber Physical Systems Detection and Response—adding further prevention capabilities. The entire portfolio includes:

Installation-free security inspection series
OT-native endpoint security software
ICS focused network security appliances
CPS protection platform for OT security orchestration

The TXOne product suite is built sorely for OT, protection organizations with operational context in mind.

What security-related issues did your organization desire to address with this solution/service

The portfolio is designed to conquer these common issues in OT environments:

Understaffing of cybersecurity experts
Common technical constraints to apply security measures in OT
Sales terms from supply chain partners to apply security measures
Impact on system performance and service availability when apply security measures
Relatively closed environments where cloud-based solutions may not function at all
Critical assets with extra long service years and legacy operating systems
Aging machines that are not capable to perform sophisticated security tasks
False alarms coming along with the desire of high detection rate

What technologies and/or innovations are applied/deployed in this solution/service?

ICS protocol awareness that identifies not only the general cybersecurity signals but also those specifically targeting OT
Virtual patching mechanism that mitigates vulnerabilities on legacy systems that are not allowed to upgrade
AI driven security policy automation that reduces security deployment time and enables security with true operational context
True on-premise options for all product offerings with the scalability that also allows cloud-based deployment
Assets centric OT cybersecurity framework that protects all assets throughout their entire lifecycle
Cyber-Physical Systems Detection and Response that battles unknown threats with minimal false alarms

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Our major serving industries includes Semiconductor, Pharmaceutical, Automotive, General Manufacturing, Oil and Gas, and some critical infrastructures. We are serving around 400 VLE clients in a global scale.

We are in a clear leading position for semiconductor industry with customers such as TSMC and Intel ASML, Infineon, etc. The security deployment is global, including Asia plants. We not only protect their Asia plants, but actively working with TSMC in the SEMI cybersecurity committee to advocate the industry's cybersecurity standard into a global practice.

For automative, we have some clients such as Bosch, Daimler, Denso, and Mercedes-Benz. For pharmaceutical, our major presence in Asia is Johnson & Johnson, Kenvue, and Bayer.

TXOne is actively contributing cybersecurity expertise to critical infrastructures especially in Asia. The CEO is also an OTCEP member: https://www.otcep.gov.sg/2024-otcep-members/

Forescout Technologies Website

Brief description of solution/service

The Forescout Platform gives organisations 100% visibility of IoT and OT devices through a centralised management platform. It is the only solution characterised by continuous identification, segmentation and enforcement of compliance for every one of those devices and stands as an indispensable bulwark against threats.

What security-related issues did your organization desire to address with this solution/service

A key challenge facing organisations today is that OT and IoT devices are typically unmanaged; they don’t support agents, so enterprises’ security posture is largely unknown. These devices are often invisible to IT security teams, who may be reluctant to onboard IoT environments because of the special techniques and knowledge they require. This challenge extends to enterprise networks that are inundated with a relentless influx of connected devices ranging from everyday appliances to robust industrial machinery.

What technologies and/or innovations are applied/deployed in this solution/service?

The Forescout Platform enhances OT security by providing continuous monitoring, extensive visibility and automated risk mitigation of OT and IoT assets engaging with the network. the Platform automates security policies for continuous compliance and automates response to emerging threats by enforcing flexible mitigation actions, from modest (e.g. opening a service ticket) to stringent (e.g. enforcing network segmentation), to protect vulnerable devices while keeping critical assets online. Automating mitigation actions cuts down on valuable response time and potential human error from manual mitigations to help ensure critical OT/ICS systems operate securely without disruption.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Chartered in 1999 in Hsinchu, Taiwan, Ardentec, a provider of semiconductor testing solutions in memory, logic and mixed-signal integrated circuits (ICs) to integrated device manufacturers (IDMs), pure play wafer foundry companies and fabless design companies, employs over 1,000 employees and operates four manufacturing sites across Taiwan, Singapore and Korea.

https://www.forescout.com/resources/ardentec-case-study/

Opswat Website

Brief description of solution/service

OPSWAT specializes in critical infrastructure protection, offering comprehensive solutions for both IT and OT environments. Its MetaDefender Platform integrates security solutions seamlessly across IT, OT, and ICS networks, addressing the growing connectivity demands. In OT, OPSWAT ensures safe usage of removable media and transient devices while enforcing unidirectional data transfers. For the complex supply chain, MetaDefender Software Supply Chain secures against evolving threats using technologies like SBOM for compliance, multiscanning with 30+ antivirus engines, proactive DLP, and Country of Origin detection. Additionally, OPSWAT offers MetaDefender Drive, OT Security, and Kiosk for thorough asset and media protection.

What security-related issues did your organization desire to address with this solution/service

OPSWAT aims to address the cyber risks posed by IT and OT convergence, where cyberattacks can propagate from IT to OT/ICS assets. Specifically, OPSWAT targets the risks associated with transferring files and devices into, across, and out of secure environments, with a focus on removable media and transient devices that may harbor infected files, malware, and malicious firmware. Additionally, OPSWAT seeks to protect OT/ICS environments from vulnerabilities arising from business stakeholders accessing industrial data, breaking network segmentation and air-gaps. Furthermore, the complexity of software components, third-party dependencies, and open-source software require protection throughout the software development lifecycle.

What technologies and/or innovations are applied/deployed in this solution/service?

OPSWAT's solution leverages several advanced technologies and innovations to ensure security:

Country of Origin Detection: Flags software components from adversarial countries to comply with policies and regulations.
Multiscanning: Utilizes over 30 antivirus engines to enhance detection rates and prevent malware in container images and source code.
Software Bill of Materials (SBOM): Provides automated inventory reports for regulatory compliance and identifies vulnerable third-party packages and outdated licenses.
Proactive Data Loss Prevention (DLP): Detects and flags confidential credentials or sensitive information within the source code to mitigate data exposure risks.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

We do not have public information to share for this.

Keeper Security Website

Brief description of solution/service

Keeper Security’s next-generation privileged access management solution delivers enterprise-grade password, secrets and privileged connection management in one unified platform – created to fully protect perimeterless and multi-cloud environments. This patented PAM solution enables organisations to achieve complete visibility, security, control, and reporting across every privileged user on every device within an organisation, providing the most critical components of privileged access management without the complexity of traditional PAM solutions. With limited IT staff required, the platform enables zero-trust and zero-knowledge security and compliance by unifying three integral products — Enterprise Password Manager, Secrets Manager and Connection Manager, into one SaaS platform.

What security-related issues did your organization desire to address with this solution/service

Every organisation, no matter the size or sector, needs to secure its passwords, credentials, secrets and connections to reduce the risk of cyber attacks and defend against internal and external threat vectors. Keeper provides a cybersecurity solution covering enterprise password, passkey, secrets, connection and privileged access management. KeeperPAM was created to fully protect perimeterless and multi-cloud environments with just the features organisations need. Keeper is modernising the way organisations protect themselves to significantly reduce risks of identity-related cyber attacks, without clunky, outdated solutions that are out of budget or scope for any business.

What technologies and/or innovations are applied/deployed in this solution/service?

Zero-trust and zero-knowledge security architecture
Secure access without a VPN
Recorded web sessions
Controlled web browsing
Password and passkey storage, management, sharing and autofill
Privileged Account and Session Management (PASM)
Secrets Management
Single Sign-On (SSO) Integration
Privileged Account Credential Management
Credential vaulting and access control
Session management, monitoring and recording
Privileged Elevation and Delegation Management (PEDM)
Role Based Access Controls
Works out-of-the-box with identity, MFA, IGA, HSM and SIEM solutions

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Manufacturing: https://www.keepersecurity.com/ja_JP/resources/cosmetics-company-case-study/
IT Service/Research: https://cancerscan.jp/
Food Industry: https://marusan-shokuhin.com/ , https://www.yaoko-net.com/
Software: https://www.yayoi-kk.co.jp/ , https://hennge.com/jp/
Entertainment/Gaming: https://www.jp.square-enix.com/
Broadcasting/Publishing: https://www.poplar.co.jp/

Kaspersky Website

Brief description of solution/service

Kaspersky Standard offers comprehensive protection and real-time defence against all cyber threats including malware detection, targeted attack prevention, and impact on system performance. Customers get all-in-one protection against viruses, malware, ransomware, spy apps and all the latest hacking techniques. Its triple-layer protection system works 24/7 to secure devices and data.

What security-related issues did your organization desire to address with this solution/service

Ransomware is one of the most enduring threats faced by the cyberworld due to the clear monetization model and the easy implementation of malware by cybercriminals. Common ransomware is widely spread via malicious spam campaigns and exploit kits.

To solve this, Kaspersky Standard provides a comprehensive range of multilayered and next-generation threat protection in one product. This product monitors and guards Windows, Mac and mobile users with proactive technologies, such as Real-Time Antivirus, Safe Browsing and Anti-Phishing.

What technologies and/or innovations are applied/deployed in this solution/service?

Kaspersky provides complete defense against cyber threats for all internet-enabled devices, including Windows or macOS computers, laptops, and Android or iOS tablets and smartphones. Its triple-layer protection system works around the clock to safeguard consumers.

This includes anti-hacking which identifies device vulnerabilities and threats, while its network monitoring and anti-ransomware software controls and prevents hackers from breaching networks and intercepting data. Additionally, real-time anti-virus protection guards against various threats, from worms and Trojans to more sophisticated ones like botnets and rogues. Lastly, advanced anti-malware software blocks threats like keyloggers, adware, spear phishing, rootkits, and man-in-the-middle attacks.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government Agencies, Telecommunications, Industrial and Healthcare. This has resulted in effective detection of threats along with quick and intelligence-based responses which resulted in significant mitigation of financial losses. Threat intelligence services, such as Kaspersky, strengthen a company’s defense and enhance visibility over the threat landscape by providing relevant and actionable insights.

Kaspersky cybersecurity solutions for businesses has detected a total of 287,413 ransomware incidents in Southeast Asia from January to December 2023.

Yubico Website

Brief description of solution/service

As the inventor of the YubiKey, Yubico makes secure login easy with phishing-resistant MFA. Yubico is setting global standards for secure access to computers, mobile devices, and more, and is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and open authentication standards.

What security-related issues did your organization desire to address with this solution/service

As the inventor of the YubiKey, Yubico makes secure login easy and available for everyone. The company has been a leader in setting global standards for secure access to computers, mobile devices, and more. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F), and open authentication standards. YubiKeys are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and enterprise applications and services. Yubico has a presence around the globe.

What technologies and/or innovations are applied/deployed in this solution/service?

Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based authentication security at scale. Yubico’s technology enables secure authentication, encryption, and code signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160 countries

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Gojek is Southeast Asia’s leading on-demand, super app provider, connecting individuals with a wide range of services including transport, payments, food delivery, logistics, and more. With more than 5,000 internal employees, Gojek understood the necessity to secure company data, while also delivering a friendly user experience. As a G Suite-based infrastructure, Gojek chose to work with Yubico to deploy YubiKeys for secure authentication. Employees saw a significant reduction (nearly 50%) of the time to authenticate using a YubiKey compared with using a one-time password (OTP) via SMS. Logins were nearly four times faster when comparing the YubiKey to Google Authenticator.

Atlassian is a leading provider of team collaboration and productivity software, with many remote workers in Australia, Netherlands, United States, Japan, India, Philippines and Turkey. Atlassian builds collaboration and productivity software to help teams organize, discuss, and complete shared work. With more than 4,000 employees and many ecosystem partners, YubiKeys are able to address Atlassian’s need to simplify their employee’s authentication experience without sacrificing strong security. Users could follow strong two-factor or multi-factor authentication, all with an intuitive, fast and easy manner. And with strong phishing defense, YubiKeys enabled the workforce to stay protected against sophisticated phishing attacks.

Illumio Website

Brief description of solution/service

Illumio's Zero Trust Segmentation (ZTS) platform provides an easy, scalable, and consistent way for enterprises to see, segment, and secure their whole estate – from cloud to endpoint and data centres, providing unprecedented levels of visibility and control right down to the workload level. Put simply; it stops breaches from spreading by preventing attackers from moving laterally within networks, safeguarding critical assets and data.  

Illumio is easy to use and rapid to deploy, enabling organisations to achieve operational readiness in a matter of hours. Central control also simplifies the management of security policies, ensuring consistent enforcement and delivering real-time visibility.

What security-related issues did your organization desire to address with this solution/service

Enterprise security has never been harder. Attacks are frequent and costly; environments complex; and perimeters fragmented. Many are turning to microsegmentation to build resilience, but attempting microsegmentation with firewalls or traditional technologies is difficult. Security teams don’t have time to manage multiple firewalls or visibility across environments.  

Illumio’s Zero Trust Segmentation platform is designed for modern hybrid enterprise environments, and solves these problems. Through one tool, enterprises can see all network traffic and implement least-privilege access across cloud, endpoint, data centre and containers - facilitating rapid segmentation at scale and enabling comprehensive breach containment.

What technologies and/or innovations are applied/deployed in this solution/service?

With Illumio ZTS, customers can see risk and set policy across their whole estate from one console, simplifying security policy management. Organisations choose Illumio because of its highly predictable architecture. Its lightweight Virtual Enforcement Nodes (VENs) are not inline to traffic and Illumio programs the workload OS firewall, whereas other vendors use inline agents that aren’t passive, and perform the firewall operations themselves.  

It’s also much easier to build, model, and test segmentation policies with Illumio. Illumio’s Policy Generator discovers and automatically suggests policies based on real-time traffic patterns which makes the work of fine-tuning policies quick and straightforward.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Illumio’s ZTS Platform is deployed across a plethora of organizations in APAC from SMEs to enterprises and globally we protect over 3.5 million workloads.

One customer that’s benefitted from Illumio ZTS is insurance company QBE. Prior to Illumio, QBE relied on physical firewalls and virtual firewall appliances for segmentation, which proved to be labour intensive and complex. Firewall rule sets were almost unmanageable for the team, potentially putting the very applications they were trying to protect at risk.

Illumio provided a simple solution to a complex problem with its real-time application dependency map showing traffic flows between workloads wherever they run, simplifying network security.

Andrew Dell, CISO at QBE comments: “Having the ability to span the physical and the virtual and present insights in a highly resolved fashion is a game-changer. It enabled us to be more efficient with our resources and planning right away.”

Nick Venn, global collaboration and cyber infrastructure manager at QBE adds: “The best thing is the policy can now follow the workload, so we don’t have to worry about recreating policies or re-architecting the network. That flexibility is absolutely essential.”

Proofpoint Website

Brief description of solution/service

Proofpoint Advanced Email Security is a solution that helps organisations prevent, detect, and respond to today’s most advanced attacks. It utilises a multilayered approach, including email analysis and classification, targeted attack protection, preventing spoofed emails, controlling data loss, email threat response, and maintaining email during a server outage.

What security-related issues did your organization desire to address with this solution/service

Email is key to business communication and yet the number 1 threat vector. There are many types of email attacks, including phishing, BEC, supply chain attacks, ransomware, and cloud account compromise — all of which are constantly evolving, so organisations struggle with addressing the speed, volume, and complexity of today’s cyber threats. Proofpoint’s Advanced Email Security solution employs an inline and API approach to ensure full protection of inbound and outbound messages. Its integrated, layered approach reduces risk of successful attacks by accurately detecting threats faster, providing actionable insights for organisations to better understand the risks their users face.

What technologies and/or innovations are applied/deployed in this solution/service?

This solution uses reputation, URL rewriting, and predictive and click-time sandboxing to detect payload threats, such as through attachments and URLs. It uses built-in detection for evasion tackles like CAPTCHA, password protection, render-heavy sites, redirectors and file-sharing sites.

Artificial intelligence and machine learning models from Nexus Threat Graph are used for payloadless attacks. They score signals like supplier risk, user signals from collaboration suites, content natural language processing, receiver relationships and intent, for Proofpoint to detect malicious emails.

Analysing email with multilayered content analysis, reputation analysis and sandboxing stops advanced threats like polymorphic malware and ransomware before they hit users.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

SA Power Networks supplies power to local households and businesses across the region. Their network infrastructure is key to keeping the lights on for customers, and helping staff stay productive. And to keep its operations safe, the company knew a key focus of its security strategy was email.

To provide the protection against phishing, malware, ransomware and other advanced attacks, SA Power Networks deployed Proofpoint Targeted Attack Protection (TAP). TAP stops both known and never-before-seen attacks, building on Proofpoint threat visibility from more than 200,000 customers. The utility also deployed Proofpoint Threat Response Auto-Pull (TRAP). This enabled them to streamline email incident response processes. When malicious emails are detected, TRAP will analyse and automatically remove harmful emails from users' inboxes, as well as delete forwarded copies to colleagues.

With Proofpoint TRAP’s Closed-Loop Email Analysis and Response (CLEAR) workflows, the company’s users could quickly identify and report potentially malicious emails. All reported emails are sent to an abuse mailbox, and then automatically analysed against Proofpoint Threat Intelligence and other sources to see if they contain malicious content, reducing the email volume that required manual checking by 66% daily.

ESET Website

Brief description of solution/service

ESET solutions block ransomware, phishing, zero-day exploits and other new and never-before-seen malware with technology powered by AI, human expertise and world class research . Our business solution, ESET PROTECT Platform, offers comprehensive endpoint security through machine learning-powered protection against ransomware and other threats. It includes full disk encryption, proactive cloud-based defenses, and real-time visibility of all endpoints via a web console. The solution features a Ransomware Shield that detects and blocks suspicious processes, ensuring robust protection for organisations.

What security-related issues did your organization desire to address with this solution/service

We wanted to address the increasing threat of ransomware and other malware attacks. By implementing advanced machine learning and proactive cloud-based defenses, we sought to protect organisations from zero-day threats, enhance endpoint visibility, and streamline cybersecurity management. Furthermore, the goal was to mitigate risks associated with data breaches and ensure business continuity amidst evolving cyber threats.

What technologies and/or innovations are applied/deployed in this solution/service?

ESET employs a multi-layered approach to security. Our ESET PROTECT Platform utilises advanced machine learning (ML) for threat detection, full disk encryption for data security, and a proactive cloud-based defense system. The Ransomware Shield specifically targets and blocks ransomware-like behaviours, while real-time endpoint visibility is achieved through an intuitive web console. Additionally, the integration of Intel® Threat Detection Technology (Intel® TDT) enhances hardware-based threat detection and collaboration with Microsoft Sentinel offers actionable threat intelligence data feeds.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

ESET’s AI-based cybersecurity solutions are deployed across diverse industries in the Asia Pacific region. We provide 110+ million users worldwide with robust protection against cyber threats. Notable partnerships include integrations with Microsoft Sentinel for enhanced threat intelligence and Intel® Threat Detection Technology for advanced hardware-based threat detection. ESET has been recognised by independent testing labs such as SE Labs, AV-Comparatives and Gartner Peer Insights, further validating our widespread adoption and effectiveness. We are proud to share that our Enterprise Endpoint Security and Small Business Endpoint Security solutions have received the prestigious AAA grade from SE Labs in their Q1 2024 tests. We also received the “Advanced+” award for both performance and malware protection in the latest AV-Comparatives evaluation. For more information please visit https://www.eset.com/int/business/why-eset/industry-analysts-recognition

Recorded Future Website

Brief description of solution/service

The Recorded Future Intelligence Cloud enables security teams to proactively protect against ransomware attacks - enabling its users to detect ransomware attacks in their early stages to put in relevant controls, mitigate risk and protect an organization. Recorded Future’s ransomware solution empowers organizations with the tools and insights needed to stay ahead of threats. Using Recorded Future as part of your defensive toolkit against ransomware groups enables you to gain comprehensive visibility into your attack surface, prioritize alerts for accelerated detection and response, and stay informed about the evolving ransomware threat landscape.

What security-related issues did your organization desire to address with this solution/service

Here are a few examples of how Recorded Future AI assists analysts and executives:

Reduces searching, summarizing, and report writing time by hours or days.
Provides answers for leaders and cross-functional teams in minutes, enabling timely decision-making.
Decreases manual work, allowing focus on tasks that require expert human insights./li>
Delivers the necessary answers to focus on actions rather than sifting through data.
Mitigates the security talent gap by enabling analysts to concentrate on tasks requiring human insights.

What technologies and/or innovations are applied/deployed in this solution/service?

Built from the Intelligence Graph, the largest dataset of open web, dark web, and technical data, Recorded Future AI offers summary and analysis trained on over 10 years of Insikt Group® reporting. It provides transparency on top sources and curated responses based on entity/event type, offering insights into threat patterns and implications. Integrated into the Recorded Future Intelligence Cloud, it continuously enables new use-cases. The Intelligence Graph™ turns vast data into actionable insights, indexing, organizing, and analyzing data from over a million sources, using natural language processing and machine learning to map associations across billions of entities in real-time.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

https://go.recordedfuture.com/hubfs/case-studies/critical-infrastructure.pdf

Viettel Security Website

Brief description of solution/service

Viettel Security Information & Event Management (VCS – CyM) is one of the best-in-class SIEM solutions for large enterprises and government in South East Asia. VCS-CyM provides the ability to collect and analyze correlations across a variety of infrastructures and device sources, helping to increase the efficiency of analysts' incident response analysis.

What security-related issues did your organization desire to address with this solution/service

VCS-CyM offers comprehensive log management, collecting, correlating, and storing data from various sources regardless of on-premise or cloud deployment models. VCS-CyM integrates seamlessly with other internal solutions, expanding monitoring coverage across your entire IT infrastructure – network, endpoints, and application servers. This unified view provides both high-level and detailed insights into threats, enabling analysts to swiftly pinpoint the root cause, scope, and implement a comprehensive response strategy. VCS-CyM boasts over 1,000 correlation rules, continuously updated by our security experts based on the MITRE ATT&CK framework. This proactive approach minimizes risks posed by the ever-evolving threat landscape.

What technologies and/or innovations are applied/deployed in this solution/service?

VCS-CyM seamlessly integrates with UEBA and Threat Intelligence (TI) solutions offered by Viettel Cyber Security. This integration empowers you to swiftly detect unusual behaviors and security policy violations within your organization. By providing accurate and timely insights, VCS-CyM facilitates effective threat response operations, ultimately reducing your customers' economic risks.

These AI-powered solutions leverage data mining and machine learning to continuously learn from real-world data collected during our surveillance activities. This continuous learning process enhances the reliability of security alerts, significantly reducing false positives. Consequently, information security professionals benefit from a streamlined workload, and organizations experience minimized security costs overall.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

VCS-CyM is honored to serve thousands of customers of all sizes and industries in many countries such as Vietnam, Laos, Cambodia, Myanmar, Peru and many other countries.

For example, G Organization is one of the leading corporations in Vietnam. This is a corporation that owns business activities in a variety of industries, ensuring information security is one of their top priorities. In 2023 alone, we have supported monitoring of over 20,000 servers, detected over 450,000 unusual behaviors, over 1,000 attacks exploiting vulnerabilities, 12,000 malicious codes, over 81,000 policy violations, and very Many other attack methods. With the ability to detect a variety of attack techniques such as Reconnaissance, Initial Access, Privilege Escalation, ... our products have effectively supported SOC operations experts in detecting early warnings and information. Accurate and comprehensive information about threats. Through that, they can speed up the process of identifying and responding to cyber security risks, helping to minimize risks and data loss for G Group.

* The name of our customer was hiden due to confidential reason.

Securonix Website

Brief description of solution/service

Answer: Securonix leads in next-gen SIEM, offering a threat detection, investigation and response solution on a scalable, cloud-native architecture. The Securonix Unified Defense SIEM (UDS) is built on the Snowflake data cloud backend, enabling 365 days of hot searchable storage. UDS applies AI-Reinforced capabilities to deliver proactive fast and precise threat defense on a frictionless, unified TDIR experience. The latest edition, Securonix EON, enhances UDS with AI-Reinforced capabilities, revolutionizing CyberOps against AI-powered threats.

What security-related issues did your organization desire to address with this solution/service

TThe AI-Reinforced solution has the following core capabilities:

Uses AI for quick and accurate security decisions. All levels of the platform are reinforced with AI to optimize human intervention, maximize impact, and reduce manual, repetitive tasks. Seamlessly and agnostically integrate any security tools, clouds, and data lakes. It’s flexible by design to allow organizations to maximize their security investments. Provides reduced noise, an intuitive user interface, and targeted threat intelligence that frees analysts from the tedious task of manual log analysis and endless alert triage, allowing them to focus on high-level investigations and strategic decision-making.

What technologies and/or innovations are applied/deployed in this solution/service?

The solution comes with a host of AI-Reinforced capabilities transforming CyberOps to respond to AI-powered threats. It introduces Insider Threat Psycholinguistics, utilizing Amazon Bedrock with Anthropic’s LLMs to discern user intent. InvestigateRX automates context extraction saving time with coherent summaries. Adaptive Threat Modeling employs ML for dynamic threat detection, enhancing real-time analysis. Securonix’s approach rests on three pillars: AI-Reinforced Platform, Cybersecurity Mesh architecture to integrate with any security tool, clouds and data lakes, and Frictionless experience with reduced noise

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

We have deployed this solution in a lot of enterprises from sectors like BFSI, IT & ITeS, telecommunications, transportation, government & manufacturing.

One of these customers is Persistent Systems, a global services and solutions company delivering Digital Engineering and Enterprise Modernization. The main challenge for Persistent Systems was managing security with on-prem and cloud workloads across diverse geographies. Their legacy SIEM was causing administrative overhead, scalability issues, and limited detection capabilities. By leveraging Securonix's next-generation SIEM solutions, equipped with a powerful blend of cloud-native scalability, advanced UEBA features, and an integrated SOAR platform, Persistent security posture underwent a remarkable transformation. Securonix's solutions provided comprehensive coverage across on-premises, cloud, and data center environments, ensuring no blind spots and enabling real-time visibility. Granular insights from Securonix UEBA highlighted anomalies like suspicious logins across various locations, empowering proactive threat prevention. Furthermore, Securonix SOAR's automated incident creation streamlined operations, reducing manual tasks and enhancing response times. Beyond technology, the partnership with Securonix proved invaluable, with seamless deployment support and collaboration on custom features solidifying Persistent's security posture. This partnership highlights Securonix's continuous innovation and unwavering commitment to customer success. For more info, click here - https://www.securonix.com/resources/persistent-systems-transforms-security-posture-with-securonix/

Hackuity Website

Brief description of solution/service

Hackuity is a cutting-edge Risk-Based Vulnerability Management platform designed to streamline cybersecurity processes and enhance organizational security posture. By integrating and automating the analysis of vulnerability data across various sources, Hackuity provides a centralized, prioritized view of threats based on real-time risk assessments. This allows security teams to efficiently allocate resources to the most critical vulnerabilities, ensuring timely mitigation and compliance with regulatory standards. With its intuitive interface and powerful analytics, Hackuity empowers organizations to proactively manage their cybersecurity risks, turning vulnerability management into a strategic advantage.

What security-related issues did your organization desire to address with this solution/service

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What technologies and/or innovations are applied/deployed in this solution/service?

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

SG - one of the top 3 telco in SG, one of the govt regulatory board Indonesia- One of the largest state owned Bank We are also IMDA accredited and is in the govt green lane for procurement

ThreatQuotient Website

Brief description of solution/service

To help security teams work more efficiently in the face of these challenges, ThreatQuotient released the latest version of ThreatQ TDR Orchestrator, the industry’s first solution for a simplified, data-driven approach to security operations within the ThreatQ Platform.

ThreatQ TDR Orchestrator reinforces the need for no-code / low code solutions that empower operators to adapt to dynamic threat landscapes faster, and focus their energy on security operations workflows that provide critical business context. For optimal detection, investigation and response, ThreatQuotient believes a data-driven approach is needed to prioritize data and connect systems with that data.

What security-related issues did your organization desire to address with this solution/service

The key challenges facing security teams today include security tools that are not integrated, alert fatigue, teams working in silos, and companies having limited security resources. ThreatQuotient is addressing this information security problem, which is also a business risk, with a platform that is purpose-built for data-driven security operations. The company is shifting the industry’s mindset from process-based to data-driven security operations.

What technologies and/or innovations are applied/deployed in this solution/service?

The ThreatQ user interface simplifies the work teams must do to define risks, enforce security rules and remediate threats automatically. The ThreatQuotient differentiation to traditional security operations solutions such as SOAR platforms include:

Better context that helps focus automation on what matters most, and a feedback loop that improves it each time.
A simpler, low code / no-code interface is easier to use and features like Smart Collections abstract automation logic making playbooks easier to maintain.
Lower total cost of ownership because it requires no special training or skills to use.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Financial Services, Government, Critical Infrastructure, Energy/Utilities, Technology, Telecommunications, Retail and Consulting

Securonix Website

Brief description of solution/service

Rapid response is essential to mitigate the risks of cybersecurity threats. However, many security teams leverage poorly integrated SIEM and SOAR solutions, adding unnecessary complexity and delays to threat detection and response. Securonix SOAR helps SOCs accelerate incident response by bringing all the details from their IT environments into a single pane of glass, in a truly unified TDIR experience. By simplifying investigations with a converged view for detection and response, we help security teams drive efficiency and reduce complexity for a faster MTTR.

What security-related issues did your organization desire to address with this solution/service

There are many security-related issues that our SOAR capability addresses like: Faster Incident Response - Our integrated SOAR offering simplifies the analyst experience and streamlines the end-to-end incident response cycle with a seamless workflow for threat detection, investigation, and response. Respond to Threats at Scale - Securonix SOAR was built into the SIEM, not bolted on, so SOCs have zero infrastructure to manage, and unlimited scalability. Maximize Security Operations Investment - In combination with Securonix SIEM, our SOAR offers unified detection and response reporting that helps in identifying and addressing constraints within the security operations process.

What technologies and/or innovations are applied/deployed in this solution/service?

Securonix's SOAR solution integrates advanced analytics, automation, and orchestration to streamline incident response. It employs machine learning for real-time threat detection and automated workflows for rapid response. The platform integrates with diverse security tools and systems, facilitating centralized case management and collaboration. Threat intelligence feeds and user behavior analytics enhance proactive threat identification. With continuous monitoring and scalability, Securonix ensures effective security operations across networks, endpoints, and cloud environments. Compliance management and customizable reporting features further strengthen organizational security posture.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

We have deployed this solution in a lot of enterprises from sectors like BFSI, IT & ITeS, government & manufacturing. Recently, we partnered with Persistent Systems, a global services and solutions company delivering Digital Engineering and Enterprise Modernization. The main challenge for Persistent Systems was managing security with on-prem and cloud workloads across diverse geographies. Their legacy SIEM was causing administrative overhead, scalability issues, and limited detection capabilities. By leveraging Securonix's next-generation SIEM solutions, equipped with a powerful blend of cloud-native scalability, advanced UEBA features, and an integrated SOAR platform, Persistent security posture underwent a remarkable transformation. Securonix's solutions provided comprehensive coverage across on-premises, cloud, and data center environments, ensuring no blind spots and enabling real-time visibility. Granular insights from Securonix UEBA highlighted anomalies like suspicious logins across various locations, empowering proactive threat prevention. Furthermore, Securonix SOAR's automated incident creation streamlined operations, reducing manual tasks and enhancing response times. Beyond technology, the partnership with Securonix proved invaluable, with seamless deployment support and collaboration on custom features solidifying Persistent's security posture. This partnership highlights Securonix's continuous innovation and unwavering commitment to customer success. For more info, click here - https://www.securonix.com/resources/persistent-systems-transforms-security-posture-with-securonix/

Hackuity Website

Brief description of solution/service

Hackuity is a cutting-edge Risk-Based Vulnerability Management platform designed to streamline cybersecurity processes and enhance organizational security posture. By integrating and automating the analysis of vulnerability data across various sources, Hackuity provides a centralized, prioritized view of threats based on real-time risk assessments. This allows security teams to efficiently allocate resources to the most critical vulnerabilities, ensuring timely mitigation and compliance with regulatory standards. With its intuitive interface and powerful analytics, Hackuity empowers organizations to proactively manage their cybersecurity risks, turning vulnerability management into a strategic advantage.

What security-related issues did your organization desire to address with this solution/service

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What technologies and/or innovations are applied/deployed in this solution/service?

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

SG - one of the top 3 telco in SG, one of the govt regulatory board Indonesia- One of the largest state owned Bank We are also IMDA accredited and is in the govt green lane for procurement

New Relic Website

Brief description of solution/service

The New Relic all-in-one observability platform helps organisations secure software applications with less toil by providing a comprehensive approach to vulnerability management. New Relic Vulnerability Management provides continuous runtime software composition analysis (SCA) and vulnerability assessment prioritisation, with no additional configuration when using supported New Relic APM agents. It instantly detects common vulnerabilities and exposures (CVEs) from the U.S. Department of Commerce National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) across supported application dependencies.

What security-related issues did your organization desire to address with this solution/service

Applications today are often composed of thousands of components, each with the potential to carry critical security vulnerabilities that can increase the risk of IP theft, data loss, monetary loss, reputational damage, and more. Mitigating security threats is now an enterprise priority, as is having a security mindset across the development pipeline. To help address this new shared responsibility between DevOps and Security teams (DevSecOps), New Relic Vulnerability Management enables teams to see performance and availability issues in one connected experience and allows all teams to quickly assess the most urgent vulnerabilities while addressing exposure with guidelines for remediation.

What technologies and/or innovations are applied/deployed in this solution/service?

New Relic AI monitoring is the industry’s first APM solution that provides end-to-end visibility for any AI-powered application. New Relic AI monitoring provides engineers unprecedented visibility and insights across the entire AI stack so they can build and run safe, secure, and responsible AI applications with confidence.

New Relic Interactive Application Security Testing (IAST) automates the process of finding code paths that are likely to be exploited.

New Relic offers a unified security view across the stack and software lifecycle with the ability to add security data through an open ecosystem of built-in quickstarts and New Relic security APIs.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Indonesia-based health-tech platform Halodoc connects millions of patients with healthcare providers on a single platform. A cloud-native business, Halodoc adopted New Relic over six years ago to provide better platform performance.

With end-to-end visibility via dashboards and distributed tracing, Halodoc has been able to track its performance against KPIs, while consolidating and optimising its infrastructure usage. Real-time and historic insights allow for the periodic analysis of past performance, load, and throughput to understand current and future capacity needs.

New Relic has helped Halodoc achieve a 40% improvement in app performance alongside 20% in savings on infrastructure and associated server costs, in conjunction with the introduction of the AWS Graviton2 processors which are running 90% of its production workloads.

By having all the necessary information about its systems in one place, the Halodoc team is delivering a consistent experience to its customers while embracing a culture of developer productivity, accountability and ownership.

Skybox Security Website

Brief description of solution/service

Skybox Security's Continuous Exposure Management Platform offers a comprehensive vulnerability management solution. It unifies visibility across complex IT environments, prioritizing threats based on real-world risk and providing actionable mitigation. This platform streamlines remediation with existing tools, empowering proactive cyber risk management. By combining attack surface mapping with in-depth vulnerability analysis and real-time threat intelligence, Skybox helps organizations identify, prioritize, and remediate vulnerabilities effectively

What security-related issues did your organization desire to address with this solution/service

The traditional approach to vulnerability management struggles with limited visibility, inefficient processes, and misguided prioritization, leaving organizations vulnerable to cyberattacks. Skybox Security addresses these shortcomings by offering a real-time view of all vulnerabilities, prioritizing them based on their actual business risk, and providing immediate mitigation steps – all without relying on slow patch cycles. Additionally, Skybox analyzes how your data impacts vulnerability risk, identifies limitations of traditional scanners, and helps reduce the scan-to-patch lag from weeks to hours.

What technologies and/or innovations are applied/deployed in this solution/service?

Comprehensive Attack Surface Management: Assess your entire attack surface, gaining a holistic understanding of potential vulnerabilities.

Advanced Vulnerability Discovery: Uncover hidden threats by identifying potential attack paths and prioritizing them based on real-world exploitability.
Risk-Based Vulnerability Management: Prioritize critical vulnerabilities using actionable threat intelligence, not just generic CVSS scores.
Effective Vulnerability Control: Remediate the most critical vulnerabilities and implement compensating controls when patching isn't immediate.
Enhanced Vulnerability Reporting: Generate clear and concise reports on risk and remediation progress for improved stakeholder communication.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Skybox Security's Vulnerability Management solution has demonstrably improved cyber risk management for both public and private sector organizations in the Asia Pacific region. A prime example is a Singaporean central government agency responsible for safeguarding multiple departments and sectors.

Challenge: This agency, despite its advanced IT infrastructure, encountered limitations with traditional vulnerability management. Their growing attack surface (over 30,000 assets) overwhelmed manual processes and scanner-generated data lacked context for prioritization.
Solution: The agency implemented Skybox Vulnerability Control. This platform provided a comprehensive view of their assets, enabling them to effectively prioritize and remediate vulnerabilities.
Results: Skybox empowered the agency's security team to meet SLAs and optimize resources. Attack simulations offered valuable insights into potential attack vectors, while network modeling capabilities helped navigate their complex network architecture. This case study, publicly available on Skybox's website, highlights the success of Skybox's Vulnerability Management solution in the Asia Pacific region.

HackerOne Website

Brief description of solution/service

HackerOne Bounty provides a structure for ethical hackers to safely find and report vulnerabilities to your organization in exchange for a monetary reward. Bug bounty programs allow businesses to engage top security talent from around the globe to discover novel and elusive vulnerabilities before malicious actors can exploit them.

HackerOne Bounty significantly reduces your threat exposure by tapping into the largest global community of ethical hackers. This solution offers preemptive and continuous oversight of your digital landscape through a program that matches the best security researchers to your specifications and incentivizes them with rewards for discovering vulnerabilities.

What security-related issues did your organization desire to address with this solution/service

Vulnerability Discovery: identify vulnerabilities in software, websites, or applications before malicious actors can exploit them. Attack Surface Growth & Unknown Risks: Innovation and growing business operations expose an attack surface to unknown risks. Security Team Enhancement: a diverse talent pool provides deep domain expertise and extended coverage for enhanced defense. Software Supply Chain Security: Test developed software for malicious or vulnerable code to ensure systems supporting the software development process are free from vulnerabilities and misconfigurations. AI Security: avoid malicious exploitation of AI deployments by having them tested by security researchers

What technologies and/or innovations are applied/deployed in this solution/service?

With over 2 million registered security researchers globally, HackerOne provides a vast and highly skilled talent pool dedicated to uncovering elusive vulnerabilities.

The HackerOne Platform enables management of bug bounty activities within a single interface, optimizing operational oversight. The unified platform allows seamless operation of HackerOne’s portfolio of solutions.

Hai, is HackerOne’s GenAI Copilot that assists with remediation advice, summarizing report details, generating vulnerability scanner templates for regression testing, and more.

Hacktivity is a unique repository of thousands of publicly disclosed vulnerabilities promoting transparency, hacker education, community engagement, and security advocacy

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

GovTech - https://hackerone.com/govtech-vdp?type=team
LY Corp - formerly known as Line Yahoo Corporation
Nintendo - https://hackerone.com/nintendo?type=team
Sega - https://hackerone.com/sega?type=team
Toyota - https://hackerone.com/toyota?type=team
TikTok - https://hackerone.com/tiktok?type=team
Grab - https://hackerone.com/grab?type=team
Alibaba - https://hackerone.com/alibaba?type=team
SEA/Garena - https://hackerone.com/sea?type=team
OKG - https://hackerone.com/okg?type=team
Crypto.com - https://hackerone.com/crypto?type=team
Zomato - https://hackerone.com/zomato?type=team
RazorPay - https://hackerone.com/razorpay?type=team
A.S. Watsons - https://hackerone.com/watson_group?type=team

Green Radar Website

Brief description of solution/service

grMail provides customers with much-needed email security services. With around-the-clock monitoring and deep email analysis with threat hunting, the service ensures the customer with maximum email protection against target phishing attacks.

Green Radar provides cloud-based Security as a Service, an all-in-one and affordable solution for enterprises of any size to enjoy first-class email security solutions without having their own infrastructure or heavily investment in developing, maintaining and creating those security tools, saving upfront costs for hardware as well as continuing costs for software licenses.

What security-related issues did your organization desire to address with this solution/service

Green Radar grMail focuses on providing affordable and high-quality services for SMEs in Hong Kong. We prioritize the needs of our customers, ensuring a seamless user experience at a competitive price.

Phishing emails remain one of the top three cyber attacks globally. SMEs are lacking of IT security experts, are particularly vulnerable to these scams. Due to limited budgets, SMEs often struggle to hire security experts or establish 24x7 monitoring Security Operations Centers (SOCs). Additionally, SMEs face challenges in formulating an effective response when a security incident occurs.

What technologies and/or innovations are applied/deployed in this solution/service?

Green Radar are actively working on enhancing our email security solution through key improvements. These enhancements will target areas such as reducing scanning time, implementing a flexible policy framework, and enhancing reporting capabilities.

A primary focus of our improvement efforts is to minimize security scanning time. We plan to achieve this by optimizing scanning performance and eliminating redundant scans. Streamlining the scanning process will result in faster and more efficient email processing, enhancing both the user experience and overall system performance.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Not Applicable

SquareX Pte Ltd Website

Brief description of solution/service

SquareX helps organisations detect, mitigate and threat-hunt web attacks happening against their users in real time. With our innovative browser-native security product, SquareX safeguards enterprise users from a spectrum of web-based threats, encompassing malicious files, websites, scripts, and compromised networks. By detecting and mitigating threats before they reach the device, SquareX prevents potential damage and data loss to critical enterprise assets. SquareX also enables security teams to threathunt sophisticated attacks across the organisation, providing insights that were previously inaccessible through our patent-pending attack vision and attack-chain graphs. SquareX can be employed on any browser without causing any inconvenience.

What security-related issues did your organization desire to address with this solution/service

SASE/SSE solutions are unable to protect users against modern web threats that happen on the client side, and endpoint security has no visibility into what happens in the browser during an attack. To detect web attacks, it is important to have access to rich browser DOM data, including user interactions and how the browser renders the visual interface. The SquareX extension has access to this data, allowing the algorithm to discover and mitigate threats which cloud based proxies and endpoint security cannot.

What technologies and/or innovations are applied/deployed in this solution/service?

On the client side, in-browser malicious content detection is done through a combination of rules-based methods, heuristic analysis, AI and machine learning that run in the browser to continuously monitor page DOM changes, user interactions, and web traffic patterns to identify and block potential threats in real-time. Our patent-pending attack vision relies on unique visualisation techniques. On server side, state of the art cloud technology is used to host our infrastructure. Threat hunting requires correlation of data points and graphing techniques along with AI and ML modelling. Additionally, Copilot is leveraged for AI generated insights on attacks and auto- remediation.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Last year, SquareX launched its Consumer edition for everyday internet users. Available on both Chrome and Edge stores, SquareX has been deployed by over 200,000 users worldwide to be their go-to service to stay safe online. Many cybersecurity and IT professionals also started using SquareX for their job-related tasks, and have been requesting an enterprise edition.

The much anticipated SquareX Enterprise was unveiled at the RSA Conference 2024 where more than 30,000 security professionals had a chance to watch live demonstrations of the product. Since then, multiple organisations have come forth to set up pilots to deploy SquareX Enterprise. We are amidst the preparation to launch some of these pilots in the upcoming weeks.

Focused purely on protecting both consumers and enterprise users from modern threats, SquareX has also released multiple exposés on the current state of security in everyday applications and commonly employed security solutions. One such exposé was released on Forbes exclusive - a study of the state of email security amongst the top email providers. In the upcoming months, SquareX will be presenting more such exposés in global cybersecurity stages and conferences.

Proofpoint Website

Brief description of solution/service

Proofpoint Threat Protection is an AI-driven solution that protects people from modern email threats by detecting and blocking malicious messages both pre-and post-delivery. This integrated platform provides actionable visibility into your human attack surface, unparalleled protection against modern threats, and positive operational outcomes. By integrating multiple controls across email, cloud, users, and suppliers, it customises protection around your people before, during and after an attack.

It is the only AI/ML-powered, cloud-based threat protection platform that disarms today's advanced attacks, including email fraud (BEC), ransomware, weaponised URLs, multi factor authentication (MFA) bypass for credential phishing, and more.

What security-related issues did your organization desire to address with this solution/service

Email remains the number one threat vector and attacks constantly evolve.

Every day, Proofpoint analyses 2.6 billion+ emails, 49 billion+ URLs, blocks 1.5 million BEC attacks, and scans 1.9 billion attachments and 4.75 billion mobile and email messages across 150 plus ISPs, while tracking hundreds of threat actors.

Proofpoint adopts a unique people-centric approach because organisations must understand who their very attacked people are. The platform provides visibility into who’s most attacked and the threats targeting them. With this insight, organisations can mitigate email risks by applying adaptive controls, including browser isolation and targeted security training.

What technologies and/or innovations are applied/deployed in this solution/service?

Proofpoint improves operational effectiveness by:

Stopping hard-to-detect threats;
Providing actionable insights to respond to attacks;
Automating threat detection and remediation;

Proofpoint developed a behavioural AI engine that analyses patterns of communication and unusual behaviours, used in combination with threat intelligence to detect novel phishing attacks, BEC threats, compromised employee accounts and compromised supplier accounts. For example, in detecting compromised M365 accounts we correlate behavioural anomalies (“employee has logged in from Russia”) with threat data (“employee recently received and clicked on phishing message”), reducing alert fatigue and unnecessary burden on security teams.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Village Roadshow is an entertainment company headquartered in Melbourne, Australia, that relies on constant communications with customers and business partners. Receiving over five million emails coming each quarter, business email compromise (BEC) emerged as a prominent initial threat vector. Recognizing the urgency to protect their staff, suppliers, and customers, they took proactive measures to strengthen their defences.

Proofpoint Email Protection provided multilayered detection that identified and blocked business email compromise (BEC), phishing and other threats, securing and controlling Village Roadshow’s inbound and outbound email. Proofpoint Threat Response Auto-Pull (TRAP), also automatically quarantined malicious emails that bypassed perimeter solutions.

With Proofpoint Email Protection, Village Roadshow is more confident in its ability to stop the latest email threats and their IT and security staff have more time freed up.

Green Radar Website

Brief description of solution/service

grMail provides customers with much-needed email security services. With around-the-clock monitoring and deep email analysis with threat hunting, the service ensures the customer with maximum email protection against target phishing attacks.

Green Radar provides cloud-based Security as a Service, an all-in-one and affordable solution for enterprises of any size to enjoy first-class email security solutions without having their own infrastructure or heavily investment in developing, maintaining and creating those security tools, saving upfront costs for hardware as well as continuing costs for software licenses.

What security-related issues did your organization desire to address with this solution/service

Green Radar grMail focuses on providing affordable and high-quality services for SMEs in Hong Kong. We prioritize the needs of our customers, ensuring a seamless user experience at a competitive price.

Phishing emails remain one of the top three cyber attacks globally. SMEs are lacking of IT security experts, are particularly vulnerable to these scams. Due to limited budgets, SMEs often struggle to hire security experts or establish 24x7 monitoring Security Operations Centers (SOCs). Additionally, SMEs face challenges in formulating an effective response when a security incident occurs.

What technologies and/or innovations are applied/deployed in this solution/service?

Green Radar are actively working on enhancing our email security solution through key improvements. These enhancements will target areas such as reducing scanning time, implementing a flexible policy framework, and enhancing reporting capabilities.

A primary focus of our improvement efforts is to minimize security scanning time. We plan to achieve this by optimizing scanning performance and eliminating redundant scans. Streamlining the scanning process will result in faster and more efficient email processing, enhancing both the user experience and overall system performance.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Not Applicable

Hackuity Website

Brief description of solution/service

Hackuity is a cutting-edge Risk-Based Vulnerability Management platform designed to streamline cybersecurity processes and enhance organizational security posture. By integrating and automating the analysis of vulnerability data across various sources, Hackuity provides a centralized, prioritized view of threats based on real-time risk assessments. This allows security teams to efficiently allocate resources to the most critical vulnerabilities, ensuring timely mitigation and compliance with regulatory standards. With its intuitive interface and powerful analytics, Hackuity empowers organizations to proactively manage their cybersecurity risks, turning vulnerability management into a strategic advantage.

What security-related issues did your organization desire to address with this solution/service

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What technologies and/or innovations are applied/deployed in this solution/service?

Hackuity is specifically designed to address critical issues such as data silos, vulnerability overload, and resource constraints that many organizations face. By consolidating disparate vulnerability data into a single, unified platform, Hackuity breaks down data silos and provides a comprehensive view of your security landscape. This enables more accurate risk prioritization and streamlined vulnerability management, effectively tackling the problem of overload by focusing efforts on the most critical issues first. Additionally, Hackuity’s automation capabilities significantly reduce the manual labor required, helping to alleviate resource constraints and allowing your team to work more efficiently and effectively in securing your infrastructure.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

SG - one of the top 3 telco in SG, one of the govt regulatory board Indonesia- One of the largest state owned Bank We are also IMDA accredited and is in the govt green lane for procurement

SquareX Pte Ltd Website

Brief description of solution/service

SquareX helps organisations detect, mitigate and threat-hunt web attacks happening against their users in real time. With our innovative browser-native security product, SquareX safeguards enterprise users from a spectrum of web-based threats, encompassing malicious files, websites, scripts, and compromised networks. By detecting and mitigating threats before they reach the device, SquareX prevents potential damage and data loss to critical enterprise assets. SquareX also enables security teams to threathunt sophisticated attacks across the organisation, providing insights that were previously inaccessible through our patent-pending attack vision and attack-chain graphs. SquareX can be employed on any browser without causing any inconvenience.

What security-related issues did your organization desire to address with this solution/service

SASE/SSE solutions are unable to protect users against modern web threats that happen on the client side, and endpoint security has no visibility into what happens in the browser during an attack. To detect web attacks, it is important to have access to rich browser DOM data, including user interactions and how the browser renders the visual interface. The SquareX extension has access to this data, allowing the algorithm to discover and mitigate threats which cloud based proxies and endpoint security cannot.

What technologies and/or innovations are applied/deployed in this solution/service?

On the client side, in-browser malicious content detection is done through a combination of rules-based methods, heuristic analysis, AI and machine learning that run in the browser to continuously monitor page DOM changes, user interactions, and web traffic patterns to identify and block potential threats in real-time. Our patent-pending attack vision relies on unique visualisation techniques. On server side, state of the art cloud technology is used to host our infrastructure. Threat hunting requires correlation of data points and graphing techniques along with AI and ML modelling. Additionally, Copilot is leveraged for AI generated insights on attacks and auto- remediation.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Last year, SquareX launched its Consumer edition for everyday internet users. Available on both Chrome and Edge stores, SquareX has been deployed by over 200,000 users worldwide to be their go-to service to stay safe online. Many cybersecurity and IT professionals also started using SquareX for their job-related tasks, and have been requesting an enterprise edition.

The much anticipated SquareX Enterprise was unveiled at the RSA Conference 2024 where more than 30,000 security professionals had a chance to watch live demonstrations of the product. Since then, multiple organisations have come forth to set up pilots to deploy SquareX Enterprise. We are amidst the preparation to launch some of these pilots in the upcoming weeks.

Focused purely on protecting both consumers and enterprise users from modern threats, SquareX has also released multiple exposés on the current state of security in everyday applications and commonly employed security solutions. One such exposé was released on Forbes exclusive - a study of the state of email security amongst the top email providers. In the upcoming months, SquareX will be presenting more such exposés in global cybersecurity stages and conferences.

NEC Asia Pacific Pte Ltd Website

Brief description of solution/service

NEC Asia Pacific Pte Ltd offers comprehensive managed cybersecurity services to protect companies’ digital assets and infrastructure. Our solutions include advanced threat detection, continuous monitoring, incident response, and vulnerability management.

Our Advance Response Centre provides 24/7 X 365 Days Managed Cybersecurity Services, monitors and safeguards your systems, providing real-time threat detection and response. We collaborate and partner industry-leading technology to help organizations strengthen their cybersecurity posture and build resilience against cyberattacks.

What security-related issues did your organization desire to address with this solution/service

We provide 24/7 advance monitoring and threat detection, protect organizations from malicious attacks. We help organizations to be more aware of cyber threats where we provide professional cybersecurity training to increase employee’s awareness , close security gaps and be more proactive against cyber threats.

What technologies and/or innovations are applied/deployed in this solution/service?

Our services employ advanced technologies and innovations, including Next-Gen Security Information and Event Management (SIEM) for centralized monitoring, alerting, and analysis of security events. It integrates with Endpoint Detection and Response (EDR) for real-time endpoint activity visibility and rapid response, and leverages network analytics for proactive problem detection, healing, and notifications. Additionally, it supports Hybrid Cloud security monitoring and includes Threat Visibility & Intelligence, API Security, and DevSecOps to enhance security compliance and overall user experience. These technologies collectively improve cybersecurity posture, reduce risks, and protect sensitive data and digital assets.

What industries and/or organizations in Asia Pacific have you deployed this solution/service? Name the customer if possible, or an alternative public domain or portal that contains such information.

Due to privacy and confidentiality reasons, we cannot disclose the specific customers. However, we have been providing managed services, including cybersecurity services, to various government and public sector clients.

Additionally, we support Kajima Corporation, a global construction and real estate development company based in Japan with subsidiaries worldwide. To assist Kajima in securing their digital transformation efforts, NEC was engaged to identify security gaps and implement centralized monitoring for more effective and prompt responses to cyber threats.

Furthermore, we provide cybersecurity support to a Manufacturing company, covering 21 locations across Indonesia. NEC Asia Pacific remains dedicated to providing comprehensive managed security solutions, empowering businesses of all sizes and sectors to thrive in today's ever-evolving cyber threat landscape.

Please refer to the URL for reference: https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_neckajima-case-study-activity-7195988703926763520-lxy4/?utm_source=share&utm_medium=member_desktop

https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_nec-cyber-defence-services-activity-7086902403391721472-quZl/?utm_source=share&utm_medium=member_desktop

https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_soc-noc-activity-7169262632259059713-ubHA/?utm_source=share&utm_medium=member_desktop

https://www.linkedin.com/posts/nec-asia-pacific-pte-ltd_managedservices-activity-7188475799954460674-xc4q/?utm_source=share&utm_medium=member_desktop

https://www.nec.com/en/global/office/index.html#anc-region4