Voting Criteria:
What security-related issues did your organization desire to address with this solution/service?
Kaspersky IoT Infrastructure Security seeks to address four areas:
1. Infrastructure reliability – infrastructure and data protection on the gateway level
2. Transition to Industry 4.0 – Assistance with digital transformation and building end-to-end services for on-premises
and cloud analytics
3. Cloud Integration – Support for proven cloud storage and processing platforms
4. Data flow transparency – One-way data transmission through KISG 100 and centralized monitoring of all KISG 1000
events
Kaspersky enables building end-to-end services with cloud-based analytics applications, collecting information
from equipment, performing critical functions even in hostile environments and protecting data from compromise.
Brief description of solution/service
Kaspersky IoT Infrastructure Security is a range of Cyber Immune gateways – Kaspersky IoT Secure Gateway (KISG) – based
on Kaspersky OS for building reliable and functional IoT systems. These gateways play a key role in creating end-to-end
services for enterprise digital transformation.
What technologies and/or innovations are applied/deployed in this solution/service?
The product is based on the Siemens SIMATIC IOT2040 or Advantech UTX-3117 hardware. It securely transfers data from
industrial equipment to cloud platforms using the OPC UA protocol with the aim of helping industrial companies undergo
digital transformation. The gateway is also part of the solution that offers data protection and monitoring features.
Advantech UTX-3117 uses the MQTT over TLS protocol to collect data and manage connected devices. Together, the two
products protect IoT infrastructures on the gateway level, making it possible to monitor them and manage events from a
single console.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government
Agencies, Telecommunications, Industrial and Healthcare. This aggregates data collected via different protocols (Zigbee,
LoRa, Modbus, CanBus, PROFINET, OPC UA, etc.), and converts it for transmission over cellular networks and Ethernet
(MQTT, CoAP, AMQP, XMPP). In addition, it not only collects, checks and distributes telemetry, but also transmits control
commands received via MQTT to devices. The system performs security functions, such as device detection and
classification, logging security events in IoT systems and protection from network attacks (IDS / IPS).
The product can be used as a security gateway — a specialized border network solution for protection of IoT and IIoT
infrastructure from hacker attacks. In addition it is possible to configure it for particular needs, as well as add new
functions from partner products.
What security-related issues did your organization desire to address with this solution/service?
More than ever, users are the weak link in an organisation’s network security. Employees are frequently exposed to
sophisticated social engineering attacks so they need to be trained by an expert like Kevin Mitnick. Many IT pros don’t
exactly know where to start when it comes to creating a security awareness program that will work for their organisation.
KnowBe4 has taken away all the guesswork with its Automated Security Awareness Program (ASAP), which allows
organisations to create a customised program that helps implement all the steps to create a complete security awareness
training program in just a few minutes.
Brief description of solution/service
KnowBe4 is the world’s largest integrated Security Awareness Training and Simulated Phishing platform with 50,000+
customers. Based on Kevin Mitnick’s 30+ year unique first-hand hacking experience, you now have a platform to better
manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks.
What technologies and/or innovations are applied/deployed in this solution/service?
AI-Driven optional training recommendations based on the performance metrics of the individual learners.
https://support.knowbe4.com/hc/en-us/articles/1500002656002#AIDA
Automatic and AI-driven dynamic selection of phishing templates based on the skill level of each user:
https://support.knowbe4.com/hc/en-us/articles/1500002656002#AIDA.
Virtual Risk Officer™ provides actionable data and metrics to help organisations better understand their security
strengths and weaknesses. VRO assigns dynamic Risk Scores to your users, groups, and organisation. You can use these
Risk Scores to make data-driven decisions for your organisation's security. https://support.knowbe4.com/hc/en-us/articles/360001358728.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The primary industries represented are financial services, technology and manufacturing. In the KnowBe4 2022 Phishing
by Industry Benchmarking report, customers in Asia Pacific were able to reduce their Phish-prone™ percentage
(KnowBe4’s failure indicator of users who click on phishing emails) from 34.5% to 16.9% after just 90 days and from
34.5% to 5.4% after a year or more of KnowBe4 training and simulated phishing tests.
Sun Chemical, a global chemical manufacturing company with more than 10,000 users and three Asia Pacific locations,
also reduced their Phish-prone™ percentage using KnowBe4. Since rolling out initial baselining and ongoing training to its
global user base, the organization’s Phish-prone percentage dropped from 19.2% to 2.5%, and the organization has not
experienced cybersecurity incident-related outages or plant shutdowns on the scale that it previously did. This was
achieved by requiring users to take the Kevin Mitnick Security Awareness Training module, using KnowBe4 content to run
short videos every month, and using simulated phishing tests about every 2 weeks. They also found the security culture
changed within their organization because users know what the security team does now that they are a part of the team’s
everyday work.
What security-related issues did your organization desire to address with this solution/service?
Ransomware has more than doubled year-over-year, and attackers are targeting organizations of all sizes and industries.
Barracuda found 72% of APAC organizations suffered at least one ransomware attack in 2021.
They attack through email. Starting with a malicious phishing email, they intend to trick the recipient into disclosing login
credentials.
They then attack websites and apps using stolen credentials or other means. Attackers hit websites and applications to
access business data.
With access to company data, attackers encrypt data so that users can’t access it. They then demand a ransom payment to
decrypt it and avoid exposing that data.
Brief description of solution/service
Barracuda provides email, application/access, and backup protection solutions required to keep business secure against
ransomware. The multi-layered approach makes Barracuda uniquely qualified to provide effective solutions and block
every step of a ransomware attack – from stealing credentials via phishing emails, attacking web apps, to encrypting data
for a ransom.
What technologies and/or innovations are applied/deployed in this solution/service?
Barracuda offers comprehensive protection against every step of a ransomware attack.
• Barracuda Email Protection combines a traditional email gateway with AI capabilities to detect and block complex
email attacks and train users to recognize phishing attacks with simulation.
• Barracuda Web Application Firewall protects web applications and APIs. Using machine learning, it blocks OWASP top
threats: DDoS attacks, bad bots and more.
• Barracuda CloudGen Access enables secure and fast access to cloud or on-premises applications and workloads from
any device and location with zero trust capabilities.
• Barracuda Cloud-to-Cloud Backup provides fast and resilient backup for Microsoft 365 data.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Ransomware attacks tend to go after lucrative industries such as finance, healthcare, or telecom, yet organizations of
all sizes and industries are susceptible to ransomware. As attackers are increasingly employing more sophisticated attacks
and defeating existing defenses, businesses must build a comprehensive defense with three-step protection against email
phishing, application vulnerabilities and data breach.
To cope with business expansion, Cross Hydraulics, a leading provider of imported hydraulic and electrical equipment
headquartered in Australia, needed more reliable IT solutions to secure its day-to-day operations across six sites in
Australia and New Zealand following its switch to Microsoft 365 and cloud adoption.
By deploying Barracuda Email Protection, it enhanced its security posture with comprehensive protection against
phishing and other email threats and filtered out 2000 malicious emails per day. It protected users against credential loss.
Together with Barracuda Cloud-to-Cloud Backup and Barracuda CloudGen Firewall, they helped to protect critical data on
Microsoft 365 and provided a holistic solution across all the potential threat vectors that Cross Hydraulics was concerned
about on its extended corporate networks.
“We now have in place a comprehensive security and archiving infrastructure that covers our needs across all of our office
locations,” said Alex Burrows, Cross Hydraulics IT manager.
What security-related issues did your organization desire to address with this solution/service?
Recently cybercriminals have accelerated attacks in both velocity and sophistication. 2021 set cybercrime records as
high-profile attacks including SolarWinds, Colonial Pipeline, and Kaseya continued making headlines, impacting businesses of
all sizes and industries. This increase is attributable to never-before-seen threats, new ransomware techniques, soaring
cryptocurrency prices, the rise in IoT devices, and the shifting and distributed IT landscape, each with its own
vulnerabilities.
Organizations struggle without visibility, the ability to detect the unknown, and skilled resources as the need to secure the
dynamic work environment compounds the problem.
Brief description of solution/service
SonicWall Realtime Deep Memory Inspection (RTDMI) is an award-winning patented technology invented by SonicWall’s
Capture Labs to protect against never-seen-before threats with the least number of false positives. It leverages proprietary
memory inspection, CPU instruction tracking, and ML capabilities to become increasingly efficient at recognizing and
mitigating cyberattacks.
What technologies and/or innovations are applied/deployed in this solution/service?
SonicWall’s RTDMI uses memory inspection, CPU instruction tracking, and ML capabilities to recognize and mitigate new
and emerging cyberattacks including threats that hide malicious behavior via encryption.
RTDMI is deployed with SonicWall Capture Cloud Platform, which includes next-generation firewalls, wireless network
security, email security, secure mobile, and remote access offerings, and cloud and IoT solutions. The on-premise Capture
Security Appliance, ideal for enterprises with sensitive data which cannot leave their region or organization, detects and
blocks unknown threats without relying on cloud-based inspection.
In 2021 alone, RTDMI discovered 442,151 “never-before-seen” malware variants.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The RTDMI engine has been deployed in a wide variety of industries including governments, BFSI, manufacturing, Energy
and Utilities, High-Tech, IT/ITES/Retail, eCommerce, Healthcare, etc. The solution has protected against a wide variety of
threats including ransomware, trojans, and Cryptojack attacks.
RTDMI’s capabilities were proven in 2021-22 by ICSA Labs, an independent division of Verizon providing 3rd party
product assurance certifications since 1989, in their Advanced Threat Defense testing.
In February 2021, after 35 days of testing and 1,741 tests of new and little-known malware, SonicWall Capture ATP received
a 100% score with no false positives on the ICSA Labs test for all quarters of 2021 and 2022.
RTDMI provides customers with:
• Short time to value – Can be deployed and made operational in the customer environment in less than 30 minutes.
• Easy integration – Seamless integration with the SonicWall portfolio. Can also integrate using REST API, used to submit
malicious files for analysis, web-portal integrations, and other security products.
• High security effectiveness – Fast and accurate verdict.
• Reporting and detailed analysis – A global view into advanced threat protection across the organization.
What security-related issues did your organization desire to address with this solution/service?
Green Radar grMail is a cloud-based email security platform with aidar™ (artificial intelligence) capability, to discover any unprecedented email threats. The aim is an adaptive infrastructure that harnesses data to extract hidden threats and to defend your organization against bulk spam, viruses, malware, spoofing emails, phishing, CEO fraud and other email-borne threats.
Brief description of solution/service
Cloud-based security-as-a-service provider that offers email security protection with a Managed Detection & Response (MDR) approach.
What technologies and/or innovations are applied/deployed in this solution/service?
Green Radar grMail is a cloud-based email security platform with aidar™ (artificial intelligence) capability, to discover any unprecedented email threats. The aim is an adaptive infrastructure that harnesses data to extract hidden threats and to defend your organization against bulk spam, viruses, malware, spoofing emails, phishing, CEO fraud and other email-borne threats. Green Radar adopts AI and self-developed machine learning technology to effectively prevent malicious email attacks.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Green Radar can be deployed in all industries. Take the F&B industry in the Asia Pacific area as an example: it is regularly targeted with high volumes of spam. Green Radar provides advanced, real-time email threat defense. With the grMail™ administrative portal, it analyzes more than 85,000 incoming emails monthly and accepts only 48,400 for delivery to employee mailboxes. The end-user portal is so intuitive that users need not worry so much about email threats. Advanced phishing link scanning prevents financial loss, and the performance level and customer experience are greatly enhanced.
grAssessment™ is a solid defense strategy that includes end-to-end protection with awareness education and real-time training to enhance end users’ awareness of their role in thwarting phishing emails. The platforms receive continuous updates and enhancements, including effective deep threat machine learning. As the FIRST local technology vendor with R&D experts and a professional post-sales support team, Green Radar can ensure the fastest response and more adequate support to channel partners and customers without a language barrier. Moreover, apart from global threat intelligence, Green Radar puts a lot of local threat intelligence into the development of our technology to cater for the special needs of customers.
What security-related issues did your organization desire to address with this solution/service?
A main tool of communication, email is a fundamental feature of modern business and the No. 1 threat vector. Email attacks — including phishing attacks, business email compromise, supply chain attacks, ransomware, cloud account compromise — are constantly evolving. Organisations struggle in addressing the speed, volume, and complexity of today’s cyber threats, and Proofpoint’s Advanced Email Security solution employs an inline and API approach to ensure full protection of inbound and outbound messages. Its integrated, layered approach reduces risk of successful attacks by accurately detecting threats faster, providing actionable insights for organisations to better understand the risks their users face.
Brief description of solution/service
Proofpoint Advanced Email Security is a solution that helps organisations prevent, detect, and respond to today’s most advanced attacks. It utilises a multilayered approach, including email analysis and classification, targeted attack protection, preventing spoofed emails, controlling data loss, email threat response, and maintaining email during a server outage.
What technologies and/or innovations are applied/deployed in this solution/service?
This solution uses reputation, URL rewriting, and predictive and click-time sandboxing to detect payload threats, such as through attachments and URLs. It uses built-in detection for evasion tactics like CAPTCHA, password protection, render-heavy sites, redirectors and file-sharing sites.
Artificial intelligence and machine learning models from Nexus Threat Graph are used for payloadless attacks. They score signals like supplier risk, user signals from collaboration suites, content natural language processing, receiver relationships and intent, for Proofpoint to detect malicious emails.
Analysing email with multilayered content analysis, reputation analysis and sandboxing stops advanced threats like polymorphic malware and ransomware before they hit users.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Ixom is a market leader in water treatment and chemical distribution in Australia and New Zealand, with an increasing presence throughout Southeast Asia. With over 1,000 employees and operations in nine countries, ensuring the integrity of its network infrastructure is key, since any small breach could impact production, compromise data and finances, or damage its reputation.
To strengthen its enterprise security by mitigating threats to email, Ixom turned to various solutions under Proofpoint’s larger Advanced Email Security solution.
To secure its email channel and ensure business communications remained trusted, Ixom deployed Proofpoint Email Fraud Defence, which minimised the risks of impostor threats by enabling the company to confidently enforce DMARC (Domain-based Message Authentication Reporting and Conformance) on its inbound traffic. The solution also goes beyond DMARC to provide insight into business email compromise attacks, including fraud risks posed by suppliers.
To defend against ransomware and other advanced threats, Ixom deployed Proofpoint Targeted Attack Protection (TAP). Designed to continually adapt to the latest cyber attacks, it detects and blocks threats before they reach users’ mailboxes. Proofpoint Threat Response Auto-Pull (TRAP) provides added protection, automatically removing or quarantining malicious emails and unwanted emails post-delivery, including those forwarded to other internal users.
What security-related issues did your organization desire to address with this solution/service?
Nexusguard’s AI-driven Smart Mode solution leverages big data analytics, implementing Machine Learning technology to
track changes against traffic baselines autonomously and detect unusual patterns that might indicate the presence of a
potential threat. Compared to traditional threshold-based detection methods, Nexusguard’s Smart Mode is capable of
identifying malicious attack patterns from high volumes of traffic data with improved precision, making it an ideal
solution for protecting CSP networks and infrastructures against the threat of advanced attacks such as Bit-and-Piece
attacks, Black Storm attacks and potential Zero-day attacks.
Brief description of solution/service
Nexusguard’s Managed DDoS Mitigation Service integrates innovative and proprietary technologies, security and service
expertise as well as processes honed over fourteen years in the cybersecurity industry. With Nexusguard, CSPs can offer
DDoS protection solutions as a service, move up the cybersecurity value chain and gain access to additional sales
pipelines.
What technologies and/or innovations are applied/deployed in this solution/service?
Automated, Intelligent Detection & Mitigation
Upon detecting malicious attempts, Nexusguard’s mitigation platform generates alarms and initiates the process
according to a filter-based security profile built and fine-tuned using deep learning technologies to detect threats.
Malicious attempts are headed off before reaching customer networks or applications.
Granular Visibility & Control
Designed for multi-tenant environments, Nexusguard Portal is a premier traffic visibility, management and reporting
system built to meet the diverse needs of modern networks. Nexusguard Portal combines network visibility, powerful
tools and educational resources to create a cost-effective, “single-pane-of-glass” platform for managing DDoS detection
and mitigation policies and obtaining actionable intelligence.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Through Nexusguard’s comprehensive DDoS protection solution with 99% uptime guarantee, Malaysia’s PPT
Telecommunications (PPTEL) was able to help fully secure Sarawak government agency networks as well as networks of
public organizations. The deployment of our versatile MX7000 delivered fully scalable and highly customizable protection
against evolving DDoS attacks, well exceeding Sarawak’s strict compliance requirements, transforming PPTEL into a
managed security service provider (MSSP) with the capability of protecting its customers against all forms of cyber threats.
What security-related issues did your organization desire to address with this solution/service?
The threat landscape is constantly changing with the introduction of new technologies and attack vectors. Some of the most prominent threats in recent years are zero-day application exploits, credential stuffing/account abuse, DDoS and ransomware. Having visibility into whether vulnerabilities are being exploited and the ability to mitigate them quickly is crucial as we continue to see zero-day attacks happening with increasing frequency. Edgio aims to provide a holistic solution for protecting against all these application, botnet and DDoS attacks with a single pane of glass, to ensure these protective measures complement each other and improve operational efficiency in cybersecurity.
Brief description of solution/service
Edgio is an edge-powered ecosystem where developers have direct access to scaled, multi-layered, enterprise-grade security solutions and integrated tools for creating, managing, and deploying sites and applications—at sub-second speed-to-market. With security in our DNA, Edgio provides the most complete and powerful edge-enabled security solution that’s built on our massive 250Tbps edge platform.
What technologies and/or innovations are applied/deployed in this solution/service?
The Edgio App Security solution takes a multilayered approach to infrastructure protection and web application security to shield businesses and reputation from the latest in application-layer attacks. Our DDoS protection shields businesses against attacks designed to overwhelm infrastructure, and our WAAP includes a unique dual WAF inspection mode that makes implementation easier and analyzes proposed rule changes against live traffic with no interruption to performance. As a fully PCI compliant solution, Edgio protects businesses against OWASP Top 10 security risks, remote code execution (RCE), SQL injection (SQLi), cross-site scripting (XSS), credential stuffing, scraping, DDoS attacks, and other security threats.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We recently witnessed one of the largest network layer DDoS attacks (UDP Flood) targeting one of our large e-commerce customers based in APAC that sells computers, mobile phones and their accessories. The attack originated from Europe and reached 355 Million Packets Per-Second (Mpps). Despite the client being in Asia, it was immediately mitigated by Edgio’s PoPs in the EU, close to where the attack originated.
Edgio utilized our proprietary software-based DDoS mitigation system called Stonefish. The Stonefish system constantly samples all traffic coming through our 250Tbps global network and as soon as it detected the attack, it pushed a network filter to block the DDoS attack signature. All of this was done without impacting the customer at all, since no attack ever reached the customer’s network. To
What security-related issues did your organization desire to address with this solution/service?
Acronis Cyber Protect Cloud offers backup and recovery: fast and reliable recovery of applications, systems, and data on any device, from any incident. Acronis’ anti-malware software offers next-generation, full-stack protection against malware, plus AI-based ransomware and cryptomining detection. Lastly, Acronis Cyber Protect Cloud provides security and management, offering comprehensive, powerful endpoint management with an easy-to-use UI, saving IT resources.
Brief description of solution/service
Acronis Cyber Protect Cloud is the only solution that natively integrates cybersecurity, data protection and management to protect endpoints, systems and data. This synergy eliminates complexity, so service providers can protect customers better while keeping costs down.
What technologies and/or innovations are applied/deployed in this solution/service?
One of the first integrated data protection and cybersecurity solutions on the market that combines data backup, disaster recovery, and restoration with AI-powered anti-malware, cybersecurity and endpoint management features such as vulnerability assessment and patch management, URL filtering, drive health control, and forensics capabilities for a single comprehensive cyber protection tool.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Used by over 20,000 service providers to protect over 750,000 businesses.
What security-related issues did your organization desire to address with this solution/service?
30% of data breaches are insider-driven – and the cost of these insider security threat incidents has doubled in the last three years. This is exactly why Proofpoint’s ITM was created: to protect against data loss and brand damage involving insiders either acting maliciously, negligently, or unknowingly. With ITM, Proofpoint empowers security teams to reduce insider threat risk and frequency, accelerate insider threat response and increase efficiency of their security operations.
Brief description of solution/service
Proofpoint Insider Threat Management is a SaaS solution that takes a people-centric approach to protect sensitive data from insider threats and data loss at the endpoint. By combining context across content, behaviour and threats, it provides deep visibility into user activities, helping security teams detect and prevent insider-led data breaches.
What technologies and/or innovations are applied/deployed in this solution/service?
Proofpoint ITM is built on the microservices-driven Proofpoint Information and Cloud Security platform. It gathers telemetry from endpoints, email and cloud, while webhooks into the platform make it easy for SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools to ingest ITM alerts, so incidents can be identified and triaged faster. It monitors risky users by building watchlists based on criteria like a user’s role and data they interact with. It also considers their vulnerability to phishing and other social engineering factors, taking into account changes in employment status, other human resources and legal factors.
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Aircastle Limited is an aircraft leasing company with offices in Singapore; it acquires, leases and sells commercial jet aircraft to airlines around the world. As a public company, Aircastle must carefully safeguard key financial information, from earnings to details of mergers and acquisitions, to ensure sensitive data is not leaked prior to regulated disclosure dates.
Aircastle had been using a traditional endpoint DLP for data loss prevention, but ran into significant issues with time-consuming set-up, constant monitoring requirements, and system crashes. Additionally, DLP is difficult to run with just an IT team of six. Proofpoint’s ITM enabled Aircastle to receive rapid alerts on suspicious user activity – if, for example, an employee attempted to exfiltrate confidential financial information via a cloud storage service – and conduct investigations in a matter of minutes, rather than days.
Additionally, Aircastle is now aware of any insider activity impacting sensitive financial data and other valuable business files in near real time, and team members sometimes report out-of-policy behaviour they witness. With ITM, Aircastle is able to verify these claims with actual data.
What security-related issues did your organization desire to address with this solution/service?
Data privacy is a guideline for how data should be collected or handled based on its sensitivity and importance. Data protection provides tools and policies to restrict access to the data. Common methods used are encryption for confidentiality and digital signing for integrity. Since 1983, Utimaco has been developing key management and hardware-based, high-security appliances (Hardware Security Modules). Utimaco is a world-market leader in both segments. Customers and partners of Utimaco in all parts of the world trust the company’s long-term, proven reliability and investment protection, as well as its many certified IT security standards. Utimaco stands for recognized product quality, user-friendly software, excellent support and trusted high security—made in Germany.
Brief description of solution/service
UTIMACO is a global platform provider of trusted Cybersecurity and Compliance solutions and services with headquarters in Aachen (Germany) and Campbell, CA (USA). UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions for regulated critical infrastructures and Public Warning Systems. UTIMACO is one of the world's leading manufacturers in its key market segments.
What technologies and/or innovations are applied/deployed in this solution/service?
Cryptography, Key management, Identity management, Hardware Security Modules (HSM)
What industries and/or organizations in Asia Pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Our solutions and services have been deployed in Singapore, Japan, India, Malaysia, Indonesia, Vietnam, Hong Kong and China across industries such as banking and finance, telco, manufacturing and the public sector (government).
Some significant achievements with these deployments include efficient and secured check clearance in banking and financial services, data production in public service and secure authentication in telecommunications.
What security-related issues did your organization desire to address with this solution/service?
Supporting global security and privacy regulations including GDPR, HIPAA, FIPS 140-2, MAS and many more, the CipherTrust Data Security Platform simplifies data security administration with a ‘single pane of glass’ centralized management console that equips organizations with powerful tools to discover and classify sensitive data, combat external threats, guard against insider abuse, and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. It offers advanced encryption and centralized key management solutions that enable organizations to safely store sensitive data in the cloud using BYOE and BYOK.
Brief description of solution/service
The CipherTrust Data Security Platform integrates data discovery, classification, data protection and unprecedented granular access controls, all with centralized key management. This solution removes data security complexity, accelerates time to compliance, and secures cloud migration, which results in fewer resources dedicated to data security operations, ubiquitous compliance controls, and significantly reduced risk across your business.
What technologies and/or innovations are applied/deployed in this solution/service?
CDSP centralizes key management for both native and third-party encryption security selected by organizations, regardless of on-premise infrastructure and/or different cloud service providers.
Utilizing industry standards like KMIP, BYOK and HYOK, CDSP manages key life cycles from key generation, key in use, suspension and deletion to comply with stringent audit policy.
CDSP has tight integration with large SaaS providers to enhance the ownership of data when using SaaS.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
FSI, enterprises and Government sectors across APAC who need to migrate from on-premise to hybrid/multi-cloud in order to take advantage of the agility and speed to market when they digitize their business and operations, or take full advantage of the scalability of the public cloud and still maintain control of their sensitive data. An example of this technology being adopted: a highly regulated global energy company with operations in multiple countries needed to protect high-value data across multiple platforms. The organization was concurrently migrating most of its data centers to the cloud. The company had hundreds of Microsoft Azure subscriptions, and each used several key vaults, increasing the complexity of managing keys. The customer wanted a vendor-agnostic solution able to centrally manage and store keys on premises for multi-cloud deployments leveraging the bring your own key (BYOK) model (https://cpl.thalesgroup.com/resources/encryption/high-value-data-security-case-study).
Other Notable case studies: https://cpl.thalesgroup.com/resources/encryption/high-value-data-security-case-study
What security-related issues did your organization desire to address with this solution/service?
Checkmarx delivers the most comprehensive application security platform for modern application development. If your
organization develops its own software, we understand your security challenges. For the developer, we seamlessly
integrate and automate security testing into your pipelines without slowing you down. We build AppSec into your team’s
DNA with the solutions, support, and guidance you need. We help to meet your release dates without compromise.
Maximize productivity, security, and your ROI.
Brief description of solution/service
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for
the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage,
visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
What technologies and/or innovations are applied/deployed in this solution/service?
(1) An AppSec Program Methodology and Assessment Framework which helps assess the current maturity state of an
organisation’s AppSec program and then recommend, discuss, and agree on a target state.
(2) An AppSec Platform that integrates one-click AppSec testing – application source code, open source packages, supply
chains, APIs, IaC, containers, and more. It quickly fixes problems with minimal false positives to uncover critical
vulnerabilities. The platform also provides advanced correlation of the results from various scan engines.
(3) An interactive AppSec training platform which offers just-in-time, interactive, gamified
lessons that cover what developers need to know, when they need to know it.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Checkmarx has deployed its solutions/services across all verticals and industries.
One example is in Financial Services where the company selected Checkmarx technology to improve the security of its
custom software by identifying vulnerabilities and providing remediation guidance early in the development process. The
Checkmarx AppSec Solutions resulted in these key benefits:
(1) Faster time to leverage acquired technologies – The company’s integration of security testing into DevSecOps initiatives
allowed developers to focus on improving the quality of software and services while automating the security analysis and
review. The company reduced its time-to-remediation by 83% and allocated greater efforts towards high value product
and user experience-related tasks, and brought services to users more quickly.
(2) Developer time savings/productivity gains - Time allocated for addressing vulnerabilities during software deployment
was reduced from 3 days to half a day following Checkmarx adoption. The company accelerated time-to-remediation to
secure code and improve customer satisfaction through the continual availability of its services.
(3) Improved security - Since deploying Checkmarx, the company has not experienced any security breaches or
complications related to unsecured code being deployed. The benefit this provides in customer trust and company
reputation is imprecise to quantify but cannot be ignored or understated.
What security-related issues did your organization desire to address with this solution/service?
Detect API threats and prevent attacks
API security risks and issues are not all discovered in source code alone. Monitor real-time traffic using AI and ML-based
detection to uncover data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks.
Brief description of solution/service
The Complete API Security Platform
Proactively secure your environment from API security vulnerabilities, misconfigurations, and design flaws. Protect APIs
from attacks in real-time with automated detection and response.
What technologies and/or innovations are applied/deployed in this solution/service?
Deliver secure APIs faster
Shift Left with API security testing to stop vulnerabilities before they reach production. Utilize a suite of API-focused
security tests that can run on-demand, or as part of a CI/CD pipeline, to ensure that APIs aren't implemented with security
vulnerabilities.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Tonik – the Philippines’ first neobank
Noname API Security Platform provides Tonik with the means to validate the health of the APIs it uses. The neobank can
now have a complete, real-time inventory and monitor active APIs efficiently as well as discover and analyze legacy and
dormant APIs. The platform also enables the bank to actively test APIs before production so that it can identify potential
flaws in its software development lifecycle.
Noname Security was also chosen for its ease of use, Software-as-a-Service (SaaS) licensing model, non-intrusiveness, and
the ability to integrate with the bank’s back-end workflow solution.
With automated and dynamic tests built into API development, enterprises like Tonik can more effectively resolve any
security issues before they take root.
What security-related issues did your organization desire to address with this solution/service?
Although business productivity relies on uploading, sharing, and transferring information, accepting file uploads in web
applications and portals adds a significant security threat that many organizations are not effectively protecting against.
Organizations have also become more concerned with mitigating third-party risk in the wake of the SolarWinds
compromise, as well as with the significant rise in attacks against critical infrastructure organizations and the subsequent
emphasis on cybersecurity controls to protect these specialized environments and business critical sensitive information.
Brief description of solution/service
OPSWAT Application Security solutions protect organizations from cyberattacks and detect malicious payloads,
exploitable vulnerabilities, and hidden sensitive information in an easy-to-deploy, use, and monitor platform.
The solution is multi-platform integrated, with deployment available via API, ICAP, Containers, and more to support
different architectures that provide high availability, scalability, and throughput.
What technologies and/or innovations are applied/deployed in this solution/service?
OPSWAT Application Security solutions use multiple proprietary technologies for advanced-threat-detection and
prevention to provide a true zero-trust platform that protects organizations from malware and data breaches.
OPSWAT multiscanning technology provides detection rates close to 100% - by simultaneously scanning with the latest
anti-virus technologies using heuristics, NGAV, AI/ML, signatures, and more.
If there is malware hidden inside the content in the files being uploaded or transferred in a web application, a true zero-
trust standard requires prevention-based technologies in addition to detection. With Deep-CDR, organizations receive
safe-to-consume files that are processed within milliseconds without interrupting their workflow or impacting file
usability.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
OPSWAT's recent application security solution deployments include the top 10 largest companies on the Indian stock
exchange, big four banks etc.
With a robust and diverse suite of technologies integrated into a single, easy to deploy and use platform, OPSWAT was
able to cater for the different types of use-cases and provide a comprehensive solution with central management.
Example
A customer was facing the challenge of adhering to the strict secure data transfer mandates for banking applications and
needed a holistic cybersecurity solution inclusive of cloud deployments and automated file transfer systems, with a
centralized and unified management dashboard. They were also concerned about zero-day attack protection and meeting
regulatory compliance requirements. They also wanted the ability to manage multiple scan vendors under a unified
control with room for expansion.
The customer deployed OPSWAT MetaDefender Core ICAP Server on top of their Azure Container Instances (ACI) and
integrated it with an API Gateway. In conjunction with MetaDefender Core, they can validate all incoming files and scan for
malware to protect their infrastructure from malicious payloads and sensitive data loss. This combination of technologies
provides the customer scalable and effective protection against malicious traffic at the edge before it reaches their web
applications.
What security-related issues did your organization desire to address with this solution/service?
Web applications are a major vector for criminals seeking to penetrate networks – 43% of breaches involve web applications
according to Verizon – and the move to remote work intensified this shift. Barracuda found 79% of APAC organizations
suffered a successful security breach as a direct result of a vulnerability in one of their applications in 2021. Top application
security challenges include software supply chain attacks, vulnerability detection, and bad bots. As organizations are
struggling to keep up with the pace of new threats that are probing for new vulnerabilities, Barracuda Web Application
Firewall helps fill these gaps effectively.
Brief description of solution/service
Barracuda Web Application Firewall protects websites, applications, APIs, and mobile app backends against a variety of
attacks including the OWASP Top 10, zero-day threats, data leakage, and DDoS attacks. By combining signature-based
policies and positive security with robust anomaly-detection capabilities, it can defeat today’s most sophisticated attacks
targeting web applications.
What technologies and/or innovations are applied/deployed in this solution/service?
Barracuda Web Application Firewall is the next-generation firewall that offers Advanced Bot Protection using machine
learning to spot and block bad bots while allowing legitimate bot traffic to proceed with minimal impact.
It protects against all OWASP Top 10 attacks with a layered traffic processing engine and Smart Signatures that reduce
detection time and improve performance. With Application Learning, it adds automated Positive Security to enforce
security from URL down to parameter level.
To ensure only authorized personnel can access application backends and data, it integrates with AD, LDAP, and RADIUS,
giving granular control over which users can access what data.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
With growing SaaS adoption, web applications become targets for bad bots or DDoS attacks. The Universiti of
Malaysia Perlis, which has multiple application servers, web services, and informational websites used by students and
staff on more than 30 different campuses, was looking for a solution to “ensure network performance, scalability and
foremost, to protect the multi-application environment from any loss of confidential data.”
“The university is subject to SQL injection attacks five to 10 times per hour,” said Nasrudin Abd Shukor, Director of
UniMAP’s Information and Communication Technology Center (ICT). By deploying Barracuda Web Application Firewall,
UniMAP gained protection from constant SQL injection and other malware attacks. All web traffic passing through the
firewalls uses HTTP and HTTPS protocols, providing secure, encrypted communication between university students and
lecturers on one end, and web applications on the other.
The dashboard made it easy to manage and monitor web applications across the network. “The Barracuda Web
Application Firewall’s intuitive, real-time interface enables our team to manage and monitor web applications across our
network. It is easy to use, and the installation process is smooth and quick, with the Barracuda Web Application Firewall
simply plugging in between data centers,” said Abd Shukor.
What security-related issues did your organization desire to address with this solution/service?
Drive DevSecOps integrations, provide seamless security integrations for a complete, Secure SDLC by shifting left. Support
cloud transformation for next-gen architectures. Secure modern web apps, and entire mobile app attack surface. Secure
software supply chain, detect risks in 3rd party software, protect source code integrity and DevOps pipeline.
Brief description of solution/service
Fortify drives software resilience for Modern AppSec Development with its SAST/DAST/MAST/SCA solutions. Fortify is
the only AppSec solution recognized as a market leader by Gartner, Forrester, IDC and G2. Fortify brings AppSec
capabilities through flexible deployment, including managed service, hosted deployment in cloud, or on-premises.
What technologies and/or innovations are applied/deployed in this solution/service?
Machine learning-based auditing for issue triage and false positive removal. SAST and DAST correlation capabilities to
provide more context on vulnerabilities. Single, unified web dashboard to provide insights into the security posture of the
AppSec journey. SaaS, on-prem or hybrid deployment models.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Banking and Finance, Government, Telco, Healthcare, Life Sciences, Manufacturing, ICT companies, etc.
https://www.microfocus.com/media/case-study/doctors-on-demand-cs.pdf
What security-related issues did your organization desire to address with this solution/service?
IT infrastructure is becoming increasingly complex, resulting in disconnected security controls from disjointed security products and tooling ecosystems that are costly and difficult to maintain.
Akamai App & API Protector addresses this by protecting applications and APIs with less effort and overhead.
From a self-service onboarding wizard, which easily integrates and configures workflows, to self-tuning recommendations that automatically analyze triggers to apply exceptions, App & API Protector addresses common firewall issues responsible for intraorganizational friction and deployment challenges.
With machine learning and heuristics, false positive patterns are accurately identified on a policy-by-policy basis for the most relevant and actionable results.
Brief description of solution/service
Akamai’s App & API Protector is a cloud-based WAAP solution that protects applications and APIs from network and application layer threats – from web app business logic attacks and API abuse to bots – with a holistic set of powerful protections to secure business success, and ensure the highest security outcomes.
What technologies and/or innovations are applied/deployed in this solution/service?
Akamai App & API Protector combines adaptive threat-based detections with Akamai’s platform intelligence to identify and stop attacks. There has since been up to a fourfold increase in the median number of attacks identified across SQLi, XSS, RFI, and CMDi, with over a 5x reduction in false positives.
Bot visibility and mitigation capabilities – including a directory of over 1,500 known bots – are inbuilt to block bad bots. Self-tuning capabilities are incorporated to ensure infrastructure is continuously analyzed with machine learning, complete with policy-by-policy recommendations.
Lastly, DevOps integrations ensure uniform management of security policies across large applications and multi-cloud infrastructures.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Akamai AAP has been used by the financial industry and system integrators in APAC. One of the largest system integrators in South East Asia chose to deploy the AAP to protect their web applications from web attacks as well as from DDoS volumetric attacks, as malicious botnets were overwhelming their origin web servers and disrupting their media services.
The AAP provided them with visibility to identify and block all OWASP attack vectors (LFI, XSS, CMDi, SQLi) targeting their web applications. The adaptive security policy engine's rules could also adapt to the threats identified and block potential attackers at the cloud edge. Additionally, rules could be created without requiring coding knowledge or security expertise.
What security-related issues did your organization desire to address with this solution/service?
In the world of digital banking apps, security is paramount. FinTech app providers get third-party validation from an industry-leading application security company, and their customers can rely on the applications with confidence.
Brief description of solution/service
The Synopsys application security validation program provides rigorous software security assessments, including Coverity® static application security testing (SAST), Black Duck® software composition analysis (SCA), penetration testing, and code reviews.
What technologies and/or innovations are applied/deployed in this solution/service?
The Synopsys application security validation program provides rigorous software security assessments, including Coverity® static application security testing (SAST), Black Duck® software composition analysis (SCA), penetration testing, and code reviews. Coverity identifies critical software quality defects and security vulnerabilities to ensure code that is secure, higher quality, and compliant with standards. Black Duck SCA provides a comprehensive solution for managing security, quality, and license compliance risk that comes from the use of open source and third-party code in applications and containers. Synopsys managed penetration testing systematically finds and eliminates business-critical vulnerabilities in running web applications and web services.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
In the world of digital banking apps, security is paramount. That’s why Finastra, one of the largest FinTech companies in the world, partnered with the Synopsys Software Integrity Group (SIG) to bring world-class security to applications offered through Finastra’s FusionFabric.cloud, an open platform for developing, deploying, and consuming financial applications.
FusionFabric.cloud is designed to give FinTechs, financial institutions, students, independent developers, system integrators, and consultants access to a global marketplace of financial applications. A key requirement of making that marketplace viable is creating trust among all the parties involved.
The partnership ensures that applications offered via FusionFabric.cloud are vetted by the Synopsys application security validation program—rigorous software security assessments with the highest standards for security that include static application security testing, software composition analysis, penetration testing, and code reviews.
With the easily understood reports that the Synopsys security validation program provides, it’s a relatively simple process for the Finastra team to make decisions and provide feedback to the FinTechs.
As a result, a full 65% of the FinTechs that used the Synopsys security validation program were able to correct minor missing security controls. FinTechs quickly addressed the missing security controls with a corrective action plan.
What security-related issues did your organization desire to address with this solution/service?
The complexity of today’s cloud and hybrid environments makes it increasingly challenging for SOC teams to ingest
security-related data at scale and take action against advanced threats. By combining UEBA, SIEM, XDR, and SOAR into a
scalable cloud-native architecture, Securonix provides the industry’s first complete, end-to-end security operations fabric
for threat detection and response in modern environments.
Core capabilities of Securonix Next-Gen SIEM include:
• Cloud-native deployment – for quick ROI with minimal operational overhead and unlimited scalability
• Analytics-based approach to detect advanced threats
• Packaged content – providing out of the box threat detection and response
Brief description of solution/service
Securonix redefines SIEM for today’s hybrid cloud, data-driven enterprise. Built on big data architecture, Securonix delivers
SIEM, UEBA, XDR, SOAR, Security Data Lake, NTA and vertical-specific applications as a pure SaaS solution with unlimited
scalability and no infrastructure cost. Securonix prioritizes high-fidelity alerts with behavioral analytics technology that
pioneered UEBA.
What technologies and/or innovations are applied/deployed in this solution/service?
• Better visibility, actionability, and security posture, while reducing management burden
• Native integration with 3000+ third-party technology solutions to simplify security operations
• Fastest time-to-value due to the SaaS delivery model and out-of-the-box high-quality content
• Scale from a 100-person startup to S&P 100 global enterprise with fast security ROI and predictable cost
• Strong multi-cloud security monitoring capabilities with cloud-to-cloud API integrations
• Analytics driven approach with content aligned to MITRE ATT&CK framework to detect unknown threats
• ‘Bring Your Own AWS’ and ‘Bring Your Own Snowflake’ models that align with customers’ cloud strategies and business
needs
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Legacy SIEM solutions require customers to deploy and manage infrastructure components - from hardware to software,
wasting resources and increasing operational costs. This restricts threat investigators’ ability to fully utilize threat
monitoring across hybrid environments and inhibits them from keeping up with the ever-evolving threat landscape.
Many SIEM vendors cannot dynamically scale for fast search across archived data without throttling. Securonix empowers
analysts with cost-effective data storage options, like leveraging Snowflake data lakes, and provides nearly unlimited
scalability.
Core competitive differentiators include:
• Threat detection using behavioral analytics based on patented ML algorithms
• Cloud native, unified platform delivering SIEM, UEBA, XDR, and SOAR as a consolidated user experience, increasing
operations efficiency and reducing analyst fatigue
• Threat detection content delivered as a service, including business and application-oriented use cases, like healthcare
and SAP analytics
• ATS provides streamlined retrospective searches, identifying the presence of threat indicators without analyst
intervention
What security-related issues did your organization desire to address with this solution/service?
Digital transformation is driving a constant state of security change that’s hard to keep up with. The attack surface continues to sprawl exponentially, creating a flood of data.
InsightIDR addresses these challenges by unifying and transforming relevant security data from across a customer’s modern environment to tie together disparate data, detect real threats early in the attack chain, and provide security teams with high context, actionable insights, and automation to extinguish threats fast.
Rapid7’s lightweight Insight Agent, Collectors, APIs, and Network Sensors ingest data from across a user’s environment into one place, ending tab-hopping and multi-tasking, and accelerating detection and response.
Brief description of solution/service
InsightIDR unifies and transforms relevant security data from across a customer’s modern environment to tie together disparate data, detect real threats early in the attack chain, and provide security teams with high context, actionable insights and automation to extinguish threats fast.
What technologies and/or innovations are applied/deployed in this solution/service?
Unlike traditional SIEMs that put the burden of heavy rule configuration, detection telemetry integration, dashboard and reporting content curation, and incident response on the customer, InsightIDR provides:
● Elevated security outcomes — without elevated levels of work. With an intuitive interface, flexible search modes, and guides throughout, every analyst can be an expert.
● Cloud-scale and extended detection and response coverage across the modern environment.
● Trusted detections out-of-the-box, so teams can immediately leverage the detections library to unlock a set of up-to-date attacker behaviours and emergent threats.
● High-context investigations and automation to help teams accelerate IR and stay ahead of attackers.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The higher education and professional services industries require internal and external intel for their networks, and a SIEM platform that is agile, adaptable, and built in the cloud to respond to today’s security threats.
University of Technology Sydney needed to protect ground-breaking research and PII of staff and students from state-sponsored hackers, ransomware, and phishing attacks. A full SaaS-based SIEM platform, InsightIDR saved time and improved IT productivity with its custom parser which enabled IT to ingest and correlate disparate data sources and reduce risk more efficiently. With InsightIDR it’s possible to conduct simple searches on users linked to security events and view all information on one screen with a single click.
SAI Global, a risk management, standards, and assurance firm that handles and stores highly sensitive and regulated data for clients, relies on InsightIDR to navigate a perfect storm of complexity and risk faced by distributed international teams. With clear intel and reports, InsightIDR not only increases security awareness consistently across the board, it makes security a shared responsibility. For example, the solution can analyse the behaviours of users connecting with and without the VPN and provide transparency into Office 365 connections, keeping the organisation safe.
What security-related issues did your organization desire to address with this solution/service?
Advanced cybersecurity threats can go undetected, raking up confidential data for prolonged periods of weeks or even months. Delays in threat investigation can result in lengthy response times, which translate directly into higher costs for firms.
Brief description of solution/service
The LogRhythm SIEM Platform delivers comprehensive security analytics, UEBA, NTA, and SOAR within a single, integrated platform for rapid detection, response, and neutralization of threats. It can be extended with XDR, cohesively connecting deep telemetry from endpoints, network and cloud sources to provide deep visibility into the extended network.
What technologies and/or innovations are applied/deployed in this solution/service?
The LogRhythm suite applies patented innovations to simplify the analyst’s workflows.
1. AI Engine identifies statistical deviations and behavioral abnormalities that occur in real-time using advanced pattern recognition.
2. TensorMist-AI moves compute power through data, eliminating data movement, instead of backhauling security data to a central resource for analytics.
3. MDI Fabric contextualizes log messages, providing intelligence into 800 unique data source types.
4. With MDI Fabric and a custom function built using Elasticsearch, analysts can do both structured and unstructured searches.
5. TrueTime™ processes the actual time of occurrence and corrects time zones, device clock, and collection offsets automatically.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We help customers across various industries – including financial services, non-profit, real estate – mature their security operations to defend against cybersecurity threats.
One example is BRAC Bank, one of the largest banks in Bangladesh, which serves over two million retail, corporate and SME business customers. The bank needed an intuitive, automated solution that could provide real-time monitoring across their entire network to help them identify and address any vulnerabilities. With the LogRhythm SIEM Platform, the team achieved end-to-end visibility across its entire IT infrastructure and was able to reduce their mean time to detect (MTTD) and mean time to respond (MTTR) significantly. As a result, they were able to mature their security operations and were the first and only Bangladeshi bank awarded with ISO 27001:2013 certification for Information Security function, as well as ISO 18788:2015 certification for Security Operations Management System.
What security-related issues did your organization desire to address with this solution/service?
As the inventor of the YubiKey, Yubico makes secure login easy and available for everyone. The company has been a leader
in setting global standards for secure access to computers, mobile devices, and more. Yubico is a creator and core
contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards. YubiKeys
are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across
hundreds of consumer and enterprise applications and services. Yubico is privately held, with a presence around the
globe.
Brief description of solution/service
As the inventor of the YubiKey, Yubico makes secure login easy with phishing-resistant MFA. Yubico is setting global
standards for secure access to computers, mobile devices, and more, and is a creator and core contributor to the FIDO2,
WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards.
What technologies and/or innovations are applied/deployed in this solution/service?
Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers,
mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2,
WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern,
hardware-based authentication security at scale. Yubico’s technology enables secure authentication, encryption, and code
signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160
countries.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Gojek is Southeast Asia’s leading on-demand, super app provider, connecting individuals with a wide range of services
including transport, payments, food delivery, logistics, and more. With more than 5,000 internal employees, Gojek
understood the necessity to secure company data, while also delivering a friendly user experience. As a G Suite-based
infrastructure, Gojek chose to work with Yubico to deploy YubiKeys for secure authentication. Employees saw a
significant reduction (nearly 50%) of the time to authenticate using a YubiKey compared with using a one-time password
(OTP) via SMS. Logins were nearly four times faster when comparing the YubiKey to Google Authenticator.
Atlassian is a leading provider of team collaboration and productivity software, with many remote workers in Australia,
Netherlands, United States, Japan, India, Philippines and Turkey. Atlassian builds collaboration and productivity software
to help teams organize, discuss, and complete shared work. With more than 4,000 employees and many ecosystem
partners, YubiKeys are able to address Atlassian’s need to simplify their employees’ authentication experience without
sacrificing strong security. Users could follow strong two-factor or multi-factor authentication, all in an intuitive, fast
and easy manner. And with strong phishing defense, YubiKeys enabled the workforce to stay protected against
sophisticated phishing attacks.
What security-related issues did your organization desire to address with this solution/service?
Leveraging Seos® as its underlying credential technology, HID Mobile Access significantly increases convenience, boosts efficiency, and maximises security. Administrators can create, manage, issue and revoke access credentials remotely over a highly encrypted cloud platform - further streamlining the administration and issuance process.
This eliminates face-to-face interaction to issue physical access cards to employees as they can simply use their mobile devices to access work premises. The ability to provision and deprovision digital credentials for individuals helps control the timing and the number of people accessing workspaces.
Brief description of solution/service
HID Mobile Access is a revolutionary technology which allows an individual’s mobile device (e.g., smartphone, tablet or wearable) to be used as a credential to gain access to secured doors, gates, networks, services and more, in a highly secure manner with convenience.
What technologies and/or innovations are applied/deployed in this solution/service?
Using Seos® as the credential technology and harnessing the built-in API promotes a full-fledged app-based environment. With the growing importance of cloud-based access control solutions, mobile access control portals will provide great benefits to the Access Control as a Service (ACaaS) business model. The software resides on a server in the service provider’s data center and can be accessed via a web browser or mobile app.
HID Global’s patented “Twist and Go” technology allows users to unlock doors or open gates by rotating their smartphone, like turning a key. This provides an additional layer of authentication for added security.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
One of the leading integrated financial services providers in Asia, CGS-CIMB Securities International Pte. Ltd. (“CGS-CIMB”) deployed HID Mobile Access Solution. Security was one of the most important aspects of CGS-CIMB’s move into its new offices in Tower 2, Marina Bay Financial Centre (MBFC).
CGS-CIMB had been using HID physical access control cards and keypads for decades. To enhance its security measures, it migrated to a mobile solution for access control, and utilized an app-based solution called Habitap, one of HID’s technology partners, to control access to the main building and be aligned with MBFC’s solutions.
The Mobile Access solution with API functionality enables integration with the Habitap app to create a seamless tenant experience. By transitioning to HID Mobile Access to manage access within its office and secure rooms and to provide access to shared printers and staff lockers, CGS-CIMB employees have benefited from the convenience, speed, and safety of over-the-air activation of mobile access cards with native touchless functionality.
Among the most notable benefits of the company’s transition to HID Mobile Access is the solution’s ability to meet its stringent security requirements, as well as current and future expectations, as needs evolve and technology advances over time.
What security-related issues did your organization desire to address with this solution/service?
Okta’s Customer Identity Solution enables businesses to provide an enriching and delightful user experience, with the peace of mind that the privacy and security of the user is maintained at all times. At a high level, it secures user information through:
• Authentication ensures that the users logging into their accounts are who they say they are, preventing bad actors from accessing sensitive user data.
• Authorisation helps businesses confirm that a user has the right level of access to an application and/or resources—ensuring each user has access to what they need, when they need it.
• Comprehensive identity management allows administrators to update user access permissions and implement security policies, better enabling seamless and secure experiences.
Brief description of solution/service
Okta’s Customer Identity Solution provides a modern approach to customer identity and access management (CIAM), empowering digital-first organisations to connect their customers with their apps or services at any time, from any device, in a secure and safe manner across the full range of digital channels.
What technologies and/or innovations are applied/deployed in this solution/service?
Notable innovations in the Okta Customer Identity Solution include:
Passwordless Authentication - The adoption of password-less authentication is one of the most impactful steps that can help organisations manage a range of security risks and deliver on a seamless customer experience. Okta’s Customer Identity Solution offers a range of Factor Types across incremental Assurance Levels to build a passwordless journey including Email Magic Link, Factor Sequencing & Web Authentication.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
• SPH Media Trust (SMT): Okta built the foundation for a modernised subscriber-centric future
SMT is one of Singapore’s most respected media brands. SMT sees the reader experience as key to its future success. It requires seamless access to its publications for a positive user experience. This is the reason why the organisation has embarked on a Customer Identity Access Management (CIAM) modernisation project for its key publications.
To retain customer loyalty among its readers, SMT needed fast, secure, reliable access to its digital publications. Readers expect seamless logins via its platform called mySPH. At the same time, advertisers are looking for the best way to reach their target audience and gain maximum exposure to their ads.
Moving away from its legacy system that took a cookie-based approach, coupled with rising licensing costs, SMT needed a CIAM platform that could support both web and mobile access, while keeping the user experience as seamless as possible.
With Okta Customer Identity Solution, SPH Media achieved:
· 20 applications with 10 publications on-boarded to Okta in 6 months
· Over a million users now have seamless, secure access to SPH Media’s trusted sources of information
· 60,000 requests handled per minute thanks to Okta Access Gateway
· 99.99% system availability
SMT is also considering adopting Okta’s social logins as onboarding options and evolving security protections.
What security-related issues did your organization desire to address with this solution/service?
Due to the increase in digital banking transformation in APAC, security & risk managers require a real-time approach to
online fraud detection and response, with comprehensive use cases to adapt to day-by-day changing fraud behaviors
and tactics. Our solution provides a real-time data monitoring tool for different log sources and early alert
detection based on fraud risk playbooks which are customized by Viettel fraud analysts. Our solution is recognized as
Fraud Prevention Winner of the Cybersecurity Excellence Awards. VCS – F2DR saved millions of dollars for 10+ banking
companies in Vietnam, and protected 50 million user accounts from online fraud.
Brief description of solution/service
Viettel Financial Fraud Detection & Response is the pioneering solution to mitigate monetary fraud and increase end-user
satisfaction for banks and financial institutions. We bring a comprehensive approach to stopping fraudsters across different
use cases, including promotional campaigns, new user development, etc., to protect the organization's budget and
reputation.
What technologies and/or innovations are applied/deployed in this solution/service?
Our detection engine is based on different scenarios using conditions on objects’ profiles or correlation conditions
between the objects’ behavior, combined with built-in profiling and risk scoring technology. Our product is the one and
only product which provides the ISP Indicator Early Detection feature, allowing near-real-time ISP data analysis in less than 2
minutes. VCS – F2DR is optimized to analyze 50,000 transactions per second and support up to 3 million users with only
2 – 3 basic servers, while the delay time of real-time event analysis is less than 3 seconds.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Our solution mainly focuses on banking and financial institutions in APAC. In fact, one of the largest banks in Vietnam, with
more than 100 branches, has deployed our solution since 2020. Our solution monitored a large account of 200
customers per day, which have been targeted by hackers and fraudsters in order to take these accounts over, affecting the
reputation and financial assets of the bank. In addition, the system warns of a large number of endpoint devices used in
attack activities on customer accounts, helping the bank to promptly blacklist them to protect customers. Our process is
conducted in different phases to provide a comprehensive approach for fraud protection:
- Advise fraud framework and use case
- Support configuration on top of products, integrate with log (mobile banking, internet banking, back-office)
- Detected alerts are grouped by fraudulent accounts
- Investigate by looking at the timeline of activities, device ID, IP, user agent, channel, etc.
- Automated report including number of alerts, number of users warned, number of fraud verification incidents, issues
requiring further investigation
During 06 months, a large number of accounts (around 300 accounts) were detected as promotional abuse, which
saved millions of dollars for banks during peak campaigns.
What security-related issues did your organization desire to address with this solution/service?
Along with the rise of ecommerce, we are seeing an increase in sophisticated fraud attacks. Fraudsters are targeting the account creation stage of the customer journey, not just the transaction. In the past year alone, more than half of ecommerce companies experienced an increase in promotion abuse. Individuals create multiple accounts to take advantage of limited-time promotions, hence resulting in significant losses for retailers. This type of activity has driven the need for stronger risk assessment measures at the account opening stage to limit the impact of fraudsters or keep them off a platform entirely.
Brief description of solution/service
Ekata, a Mastercard company, empowers businesses with digital identity solutions to enable frictionless transactions and combat fraud worldwide. Ekata’s identity verification solutions are powered by the Ekata Identity Engine, which combines sophisticated data science and machine learning to help businesses make quick and accurate risk decisions about their customers.
What technologies and/or innovations are applied/deployed in this solution/service?
The Account Opening API distinguishes potential bad actors from good customers during the online application process. Designed to support customer onboarding strategies, the Account Opening API aims to secure personal lending, prevent credit bust-out, and reduce application abandonment.
Some key features of the Account Opening API include:
• Identity risk score – Comprehensive risk score that combines dynamic data across five core identity elements (name, phone, email, address, IP) as well as their usage patterns.
• Identity network score – Predictive risk score built on usage patterns of identity elements across real-world queries from Ekata’s network.
• Network signals – Returns three proprietary signals to assess the riskiness of the location address (IP last seen), the phone (phone last seen), and the relationship of the phone and email provided (phone and email first seen).
• Minimal input requirements – Only requires two common inputs to initiate the verification process: either phone or email and IP address. All other inputs are optional.
• Scalability – Flexibility to support massive, sustained query-per-second volume requirements while reliably retaining low latencies.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Ekata serves more than 2,000 customers worldwide, with many of the largest companies from the following categories: e-Retailers, Travel and Hospitality, Cryptocurrency, and Buy Now, Pay Later (BNPL) firms.
Using Ekata’s Account Opening solution, a global Fintech company providing a BNPL payment platform optimised their onboarding workflow to reduce friction for good customers and block fraudulent and high-risk applicants early in the onboarding funnel.
The company faced the challenge of putting too many good customers through high friction flows. Prior to implementing the Ekata solution, the company did not have a risk-specific identity verification solution in place. In pursuit of compliance, they sent all customers through the same Know Your Customer (KYC) workflow and relied on bureau data for KYC checks based on regulatory requirements in place.
This onboarding friction led to application abandonment, poor customer experiences, and lower customer loyalty. Rather than relying on the bureau’s static data to verify an applicant, the company explored verification options that could be derived from dynamic and behavioural data.
Through a joint testing collaboration effort in implementing Ekata’s Account Opening solution, the company was able to evaluate risk at the forefront of account creation before KYC checks were conducted. They were able to assess the riskiness of each application using our proprietary risk scores and signals, leading to the successful identification of customers of different risk levels and their separation into appropriate levels of step-up authentication. This has resulted in a 50% reduction in customer account creation drop-off before KYC checks and a 60% increase in frictionless verification.
What security-related issues did your organization desire to address with this solution/service?
Accelerating response time and reducing workload in the organization are the main problems that VCS – CyCir wants to solve
for users. Currently, the number of alerts appearing in each organization is very large, including false positive alerts. To
solve the above problem, VCS – CyCir applies technologies to reduce false positive alerts, support enrichment of
incident information or automatically handle incidents according to a predefined process.
Brief description of solution/service
VCS – CyCir is one of the best-in-class SOAR solutions for large enterprises and governments in South East Asia. Currently,
we have more than 20 clients in banking, financial institutions and government. Our solution has been recognized with the SOAR
award of the Excellence Cybersecurity Award.
What technologies and/or innovations are applied/deployed in this solution/service?
VCS – CyCir offers a security operations platform delivering four main capabilities:
- Orchestration & Integration: Integrate with 100+ third-party applications to coordinate information security solutions
on a single console
- Investigation: Support security analysts in investigating root causes along with prioritized inbound security events and alerts,
based on built-in case management
- Playbook: Define automated incident handling procedures
- Customizable report and configurable dashboards: Monitor the security situation of the organization, measure the
effectiveness of the operation team
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Our products have been applied by many customers in the banking industry, government and a number of individual
businesses in South East Asia. One of the largest customers is a telecom company capturing the largest market share in
Vietnam and other SEA countries. Our products have been deployed to many units in this company and the results have
been recognized by customers. Our solution has been integrated with the current systems of this company to save the money
and effort of managed security monitoring. In fact, we have reduced manual tasks by 80% and accelerated response
times by 40%. Our solution helps to simplify security operations and prioritize alerts, thereby reducing false positives by 50%. In fact,
90% of VCS - CyCir customers said our solution helped to reduce operational costs effectively and see payback value in less
than one year.
What security-related issues did your organization desire to address with this solution/service?
• Simplifies the analyst experience and streamlines end-to-end incident response cycle with a seamless workflow for
threat detection, investigation and response
• Securonix SOAR was built in the SIEM, not bolted on, so that enterprises have zero infrastructure to manage. Our unified
platform consolidates data sharing and delivers threat detection and response in a cloud-native architecture that evolves
with the enterprise
• In combination with Securonix SIEM or Open XDR, offers unified detection and response reporting to help enterprises
identify and address constraints in security operations, offering simple add-on licensing in line with our SIEM, with no
hidden costs
Brief description of solution/service
In synergy with Securonix Next-Gen SIEM and Open XDR, Securonix SOAR creates the industry’s first true end-to-end
cybersecurity operations fabric for threat detection, response, automation, and orchestration across endpoints,
networks, and the cloud.
What technologies and/or innovations are applied/deployed in this solution/service?
SIEM and SOAR – Better together
Our integrated SOAR offering simplifies the analyst experience and streamlines the end-to-end incident response cycle
with a seamless workflow for threat detection, investigation and response.
• Embedded SOAR: Seamlessly incorporate response actions into the SIEM policies without having to switch screens or
tools.
• Automated Playbook Actions: Remove complexity for analysts with out-of-the-box playbooks that cover the most
common use cases.
• Playbook Designer: Easily build additional use cases to meet your organization’s unique needs.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
A record number of APJ customers and managed service providers offering SIEM-as-a-Service (SaaS) have adopted
Securonix as a modern security analytics platform to replace their legacy SIEM solutions.
Securonix’s pure SaaS architecture providing complete visibility into complex cloud and hybrid environments, and new
‘Bring your own AWS’ and ‘Securonix with Snowflake’ programs have driven regional market traction highlighted by:
● 100 percent SaaS growth in annual recurring revenue (ARR).
● Expanding SaaS footprint with new AWS pods in India and Australia to add to the current pod in Singapore, with an
upcoming pod in Japan.
● 240 percent year-on-year new managed security service provider (MSSP) logo bookings growth.
● 100 percent year-on-year employee headcount growth, eclipsing 1,000 employees worldwide.
● Securonix was named a leader for the third consecutive time in the 2021 Gartner Magic Quadrant for Security
Information and Event Management (SIEM), positioned furthest for completeness of vision, and scored highest across all
three use cases in the 2021 Gartner Critical Capabilities for Security Information and Event Management (SIEM).
What security-related issues did your organization desire to address with this solution/service?
APT threats, lack of industry-focused threat intelligence, early detection of stealthy and sophisticated attacks, securing ICS
and IoT deployments from targeted attacks
Brief description of solution/service
Sectrio's IT-OT-IoT Security Solution is designed to detect and mitigate threats and vulnerabilities to IT, OT and IoT
deployments through early detection, contextual heuristics, adaptive threat intelligence and anomaly detection.
What technologies and/or innovations are applied/deployed in this solution/service?
This solution uses AI-based adaptive threat intelligence features that allow it to scale to meet the dynamics of the
threat environment that surrounds the networks secured by the solution. For instance, if a new malware loader is
introduced, the solution introduces programmed bots that swarm the vector while simultaneously creating twins of the
network and assets being protected to confuse and contain the vector.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Manufacturing, maritime and financial services
What security-related issues did your organization desire to address with this solution/service?
Ransomware is one of the most enduring threats faced by the cyberworld due to the clear monetization model and the
easy implementation of malware by cybercriminals. Common ransomware is widely spread via malicious spam campaigns
and exploit kits just to name a few.
To solve this, Kaspersky’s Total Security provides a comprehensive range of multilayered and next-generation threat
protection in one product. This product monitors and guards both Windows and Mac users with proactive technologies
such as Real-Time Antivirus, Trojan Remover and Instant Threat Detection.
Brief description of solution/service
Kaspersky’s Total Security provides real-time defense against all cyber threats including Ransomware. Through Kaspersky’s
Total Security, customers get all-in-one protection against viruses, malware, ransomware, spy apps and all the latest
hacker tricks. Its triple-layer protection system works 24/7 to secure devices with proactive detection, real-time
protection and instant neutralization.
What technologies and/or innovations are applied/deployed in this solution/service?
Kaspersky provides all internet-enabled devices, including Windows or macOS computers and laptops, tablets and
smartphones, with a complete defense against cyberthreats through a triple-layer protection system that works around the clock to
protect consumers.
Through proactive detection (sandboxing, deep learning models, event correlation), Kaspersky locates device
vulnerabilities and threats. Network monitoring & anti-ransomware stop hackers breaking into one’s network and
intercepting data. Through real-time anti-virus protection, it guards against threats ranging from common ones such as worms and Trojans
to complex ones like botnets, rootkits and rogues. Lastly, advanced anti-malware neutralizes threats including spyware,
adware, keyloggers, spear phishing and hard-to-detect fileless attacks.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government
Agencies, Telecommunications, Industrial and Healthcare. This has resulted in effective detection of threats along with
quick and intelligence-based responses which resulted in significant mitigation of financial losses. Threat intelligence
services like Kaspersky strengthen a company’s defence and contribute visibility over the threat landscape by
providing relevant and applicable insights.
What security-related issues did your organization desire to address with this solution/service?
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less OTP-
less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
Brief description of solution/service
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less OTP-
less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
What technologies and/or innovations are applied/deployed in this solution/service?
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less OTP-
less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The solution has been deployed successfully in more than 160 governmental agencies and large enterprises in Singapore
and the region. One important example is the protection of the crown jewel classified network of a large governmental agency
via a detection-less sanitizer and unidirectional data diode. The solution has the credential of protecting the highest office of
government and military bases for more than a decade with zero incidents.
With the solution, the crown jewel enjoys high-order protection via a hardware data diode which is multiple-fold stronger
than a firewall. The device ensures uni-directional communication via a fully hardware proposition. This, coupled with the
detection-less sanitizer, provides a strongly fortified crown jewel segment by addressing the fallacies of mainstream
protection paradigms.
Specifically, the cyber protection landscape is caged in the decade-old paradigm of the detection approach. For example,
anti-virus, sandboxing and machine learning are all built on the same concept of using the most advanced technologies to detect
the bad actors. Unfortunately, in today's advanced threat landscape, we cannot really detect them in the first place.
Sanitization technology is therefore the way forward, the next big thing in cyber protection.
What security-related issues did your organization desire to address with this solution/service?
Much like every other industry, critical infrastructure has recently undergone rapid digital transformation. Technology that
powers food and agriculture, manufacturing, refineries and utilities is now connected to both external business partners
and the internet itself. Historically, these devices were physically separated from external networks by well-defined “air
gaps”. Today, a convergence of OT/IT devices, along with an increasing dependency on the internet of things (IIoT), means
air-gaps no longer truly exist.
Cyberattacks that begin in an IT network can traverse into an unsecured OT environment and impact the supply chain,
pushing cybersecurity teams to give OT environments increased attention.
Brief description of solution/service
Tenable.ot provides deep situational awareness into all assets of all types (IT & OT) across an organisation’s industrial
infrastructure. This enables organisations to proactively comply with security and compliance regulations, determine risk
position, and identify indicators of compromise in real time.
What technologies and/or innovations are applied/deployed in this solution/service?
Visibility into converged IT/OT environments and ICS activity. Multi-detection engine that discovers high-risk events and
behaviours that threaten organisations. Automated alerts for policy violations and detection of deviations from network
traffic baseline. An integrated Intrusion Detection System to discover new attacks. Passive detection and patented
querying to identify configuration data and find threats to your network and OT devices. Up-to-date and detailed
inventory list with vulnerability and risk data to help you prioritise vulnerabilities and plan maintenance. Configuration
control with reports about changes to OT assets including programmable logic controllers (PLCs), distributed control
systems (DCSs) and human-machine interfaces (HMIs).
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Our customer base includes approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000,
and large government agencies. We actively support organisations across key verticals such as government,
manufacturing, finance, retail, healthcare, transportation, technology, utilities, oil & gas.
Example:
With growing convergence between IT and OT and increased cyber threats, Stupp corporation required real-time visibility
into its programmable logic controllers (PLCs) and other ICS (Industrial Control Systems) devices. With the cost of
downtime reaching tens of thousands of dollars an hour, the security team needed real-time visibility and alerts to detect
external attacks, as well as insider threats and accidental or unauthorized changes to its controllers.
With Tenable.ot, the security team was able to get deep situational awareness of what’s happening in the OT network, who
made changes, and why. They saved significant time through automated discovery and tracking of all ICS assets.
What security-related issues did your organization desire to address with this solution/service?
While many security teams prioritise the traditionally well-protected subset of assets, cybercriminals are very focused on
the vastly expanded attack surface of assets. Assets that are not routinely monitored by security tools or tracked across
the attack surface are effectively invisible, and if left unchecked, carry an incalculable risk of exposure. By 2025, there will
be 3 times more non-IT assets in enterprises - between internet of things (IoT), operational technologies (OT), BYOD, 5G,
and cloud - than traditional IT devices, making it almost impossible to keep up with the pace of change.
Brief description of solution/service
Armis is the leading unified asset intelligence and security platform designed to address the new threat landscape that
connected devices create. Armis provides passive and unparalleled cybersecurity asset management, risk management,
and automated enforcement, across all managed, unmanaged, and IoT devices, including medical devices, operational
technology, and industrial control systems.
What technologies and/or innovations are applied/deployed in this solution/service?
Armis is the only cybersecurity company to provide complete visibility, vulnerability detection, and risk management to all
assets across the IT, enterprise, medical, operational technology, ICS, IoT, IIoT, cloud, and cellular-IoT, managed or
unmanaged, in all environments across multiple industries and sectors. Armis discovers every asset, identifies device type,
model, version, normal behaviour, and key data such as location, owner, configuration and vulnerabilities. Armis maps the
asset relationships, and assesses its risk in real-time, identifying anomalous behaviour and threats. Armis' integration with
more than 100 security tools orchestrates a near-instant response to attacks, enabling continuous security for every
asset.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Armis helps enterprises in all sectors and industries to protect against unseen operational and cyber risks, increase
efficiencies, optimize use of resources, and safely innovate with new technologies to grow their business.
Takeda Pharmaceuticals, with 50 manufacturing facilities and outdated technology, was in desperate need of visibility into
its environment. Deploying the Armis solution has provided Takeda with consistent control across its network. “We're
about 65% of the way through the program and we've already found a series of potential cyber risks that without the
Armis deployment we would have never had any idea that existed, so it has already paid for itself. The primary benefits
we've seen since deploying is that we have a lot more central, consistent control in an environment that before had no
standardization. We have a single asset repository and a single asset management solution for our entire manufacturing
network, which before was duplicated by 50 times. And, we've actually been so successful with the plant environment
that we are now applying Armis on the enterprise side,” said Mike Towers, Chief Security Officer, Takeda Pharmaceutical
Company.
What security-related issues did your organization desire to address with this solution/service?
Industrial organizations require cybersecurity to maintain cyber and operational resilience. Both objectives, however, are
growing increasingly out-of-reach. The culprit is the XIoT, a vast cyber-physical web spanning all greenfield and legacy
assets that underpin industrial operations. Despite its benefits, the XIoT’s cyber-physical connectivity is creating security
blindspots that pose risks to availability, integrity, and safety.
Claroty tackles these risks to ensure cyber and operational resilience are within reach. Its product portfolio delivers
purpose-built cybersecurity controls that identify, protect, monitor, and optimize all OT, IoT, and BMS assets, systems,
and processes in customers’ industrial environments.
Brief description of solution/service
Claroty empowers industrial, healthcare, and commercial organizations to secure all cyber-physical systems in their
environments: the Extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing
infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and
secure remote access.
What technologies and/or innovations are applied/deployed in this solution/service?
Claroty utilizes proprietary Deep Packet Inspection technology to identify and monitor all assets in an enterprise's XIoT
infrastructure. This includes all proprietary protocols utilized by industrial, medical, and commercial equipment vendors.
Claroty also identifies all vulnerabilities, risks, anomalies, and threats in an environment, and leverages its industry leading
research team to provide the most comprehensive cyber resilience platform available.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Claroty’s customer base in APAC includes Coca-Cola EuroPacific Partners (Australia, Pacific, Indonesia), BHP, IRPC Public
Company Limited, Aboitiz Power, and over 100 others spanning the following industries: Automotive, Chemicals,
Consumer Products, Electric, Food & Beverage, Healthcare, Heavy Industry, IT Hardware, Mining & Materials, Oil & Gas,
Pharmaceuticals, Transportation, and Water & Waste.
IRPC Public Company Limited is a petrochemical complex in Southeast Asia that manufactures a range of petroleum
products, with a refinery that produces up to 215,000 barrels per day. The company needed to secure the growing
number of IoT devices being used to monitor, analyze, and implement changes to the operational environment. It also
needed to establish secure remote access to its production plant without the team having to be onsite, and to perform
real-time threat monitoring on remote users, during the COVID-19 pandemic.
This led IRPC to work with Claroty. Combined with Yokogawa’s SOC services, The Claroty Platform has empowered IRPC to
achieve real-time monitoring of ICS networks and processes; automatic tracking of changes to its OT and IoT assets;
detection of cyber threats, risks, and ICS process anomalies; and secure remote access functionalities across seven
production sites.
What security-related issues did your organization desire to address with this solution/service?
The SolarWinds, Florida water system, Colonial Pipeline, and JBS cyber incidents are a few examples of how devastating
cyber-driven disruption can be on critical environments. Critical infrastructure organizations – categorized as such
because of their critical nature to society – are extremely attractive targets to cybercriminals because of their high-value
assets. OPSWAT solutions are the first line of defense and tackle cybersecurity threats head-on, ensuring that the way of
life we all enjoy today is secure for tomorrow.
Brief description of solution/service
OPSWAT is one of the only CIP organizations that provide comprehensive security solutions for both IT and OT
environments that integrate together to provide the highest security
What technologies and/or innovations are applied/deployed in this solution/service?
OPSWAT believes in a zero-trust philosophy and is on a mission to protect the world’s most critical infrastructure from
malware and zero-day attacks. We believe that every file and every device poses a threat – at entry, at exit, and at rest – and
this is what has driven OPSWAT to become the leading solutions provider for Critical Infrastructure Protection (CIP) with our
“Trust no file. Trust no device.” framework and portfolio of MetaDefender and MetaAccess solutions.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Deployment of OPSWAT’s leading Critical Infrastructure Protection (CIP) cybersecurity solutions includes the fourth
largest Security Services Organization in the world for the military segment in APAC.
With a comprehensive suite of Critical Infrastructure Protection Solutions from IT to OT, OPSWAT was able to bring unique
capabilities of multiple anti malware scanning engines, file-based vulnerability assessment and deep CDR with central
management and the ease of deployment to eliminate advanced malware and zero-day attacks.
An undisclosed government agency was looking for a platform to manage multiple AVs for scanning transient media and
to secure file upload for web portals and file sharing platform to protect their critical assets. With OPSWAT’s
MetaDefender Kiosk, we successfully solved the customer’s problems by eliminating the currently adopted complex
process of external drive scanning and adding a workflow process to secure their critical infrastructure. In addition to
that, the OPSWAT MetaDefender Core also implemented security for files uploaded on their web portals and file-sharing
platform. This combination of technologies provides the customer scalable and effective critical infrastructure protection.
What security-related issues did your organization desire to address with this solution/service?
To address mainly the cause of threats rather than the effect. For instance, to prevent context sensitive phishing email by
addressing its root causes of preventing APT from residing in the enterprise network via sanitization, rather than
deploying expensive anti-phishing platforms to address its causes.
Brief description of solution/service
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less
OTP-less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
What technologies and/or innovations are applied/deployed in this solution/service?
To address mainly the cause of threats rather than the effect. For instance, to prevent context sensitive phishing email by
addressing its root causes of preventing APT from residing in the enterprise network via sanitization, rather than
deploying expensive anti-phishing platforms to address its causes.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The special technologies have been deployed in protection of major energy plants in Hong Kong, and satellite bases in
undisclosed bases (NDA). These military strength protection technologies have been protecting these sites with no incident
for more than a couple of years.
What security-related issues did your organization desire to address with this solution/service?
Data centers house the bedrock of enterprises – applications and data. A data center firewall is the foundation for
comprehensive access and threat control, but also the conduit for the applications and data and needs to deliver
consistent performance at all times to maintain competitive advantage. Hillstone X-Series is an industry-proven and
analyst recommended solution that helps customers see, understand and act on threats in order to keep their networks
hardened, and critical assets secure.
Brief description of solution/service
With carrier-class performance — scaling up to 1Tbps and supporting 1000 virtual firewall systems for multi-tenant
operation — the Hillstone X-Series delivers carrier-class infrastructure protection for cloud service providers and
enterprises looking for the utmost security in their data centers while achieving a superior TCO.
What technologies and/or innovations are applied/deployed in this solution/service?
Hillstone X-Series is a multi-tenant NGFW for service providers and enterprise data centers. It leverages Hillstone’s elastic
firewall infrastructure to separate the network layer from the application layer and the high-performance layer, allows
linear scalability, and enables high availability. It uses a proprietary twin-mode firewall platform to connect firewalls in
different data centers through dedicated data and control links, allowing for streamlined policy configuration,
visualization of traffic flow, and insurance of business continuity. CGNAT technology enables seamless transition from
IPv4 to IPv6. It’s a comprehensive VPN solution, with an intelligent QoS, and layer 2 to layer 7 protection protocols.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The Hillstone data center solution has been deployed globally in production environments across all verticals and
industries, including Service Providers and Telcos. A network provider broadcasting nationally with over 40 channels
serving millions of viewers deployed the Hillstone X-Series to ensure Quality of Service, as well as support their growing
viewership. The growth in their business led to a higher demand for network security as well as operational efficiency,
including addressing and managing security issues in branch offices as well as production networks. The Hillstone
appliance supported entire live broadcasts, blocking over 100 million advanced attacks, and ensuring that there was no
outage or performance issues. It also provided visibility into the health and state of the network, provided secure and
enhanced performance, and greatly reduced operational and maintenance costs.
Another example is a Tier 1 ISP, which had rapidly expanded its user base, and the effective utilization and preservation of
IPv4 addresses suddenly became an imperative. In addition, continued growth in device adoption and the corresponding
data usage increase was overtaxing the company’s network components, resulting in scalability issues. Deploying the
Hillstone solution helped extend the availability of existing IPv4 addresses, as well as increased data capacity with
scalability.
What security-related issues did your organization desire to address with this solution/service?
While many security teams prioritise the traditionally well-protected subset of assets, cybercriminals are very focused on
the vastly expanded attack surface of assets. Assets that are not routinely monitored by security tools or tracked across
the attack surface are effectively invisible, and if left unchecked carry an incalculable risk of exposure. If we add the
current geopolitical instability associated with Russia's invasion of Ukraine, the possibility of such cyberattacks increases.
Some sectors are particularly at risk due to their nature. Critical infrastructure, manufacturers, and healthcare providers
are sectors at risk.
Brief description of solution/service
Armis is the leading unified asset intelligence and security platform designed to address the new threat landscape that
connected devices create. Armis provides passive and unparalleled cybersecurity asset management, risk management,
and automated enforcement, across all managed and unmanaged assets, including IoT devices, operational technology,
and industrial control systems.
What technologies and/or innovations are applied/deployed in this solution/service?
Specifically designed to meet the needs of critical infrastructure organizations, and in conjunction with specialist services
partners and select system integrators like Kroll, Armis is the perfect fit to secure any environment. With its best-in-class
technology the platform maps your IT/OT inventory, and continually monitors asset behavior. Armis assesses risks to
critical infrastructure with contextual asset intelligence, allowing clients to have near real-time alerts for threats and
exploits. Armis integrates with partners to rapidly share data, enabling recommended policy changes, incident response,
operational management, and remediation.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Armis’ platform has been purpose-built to service the needs of any critical infrastructure sector, including energy,
pipeline, marine ports, and water and wastewater.
Armis entered the region in 2021 and does not yet have an Asia Pacific customer in the Critical Infrastructure space.
What security-related issues did your organization desire to address with this solution/service?
Industrial organizations require cybersecurity to maintain cyber and operational resilience. Both objectives, however, are
growing increasingly out-of-reach. The culprit is the XIoT, a vast cyber-physical web spanning all greenfield and legacy
assets that underpin industrial operations. Despite its benefits, the XIoT’s cyber-physical connectivity is creating security
blindspots that pose risks to availability, integrity, and safety.
Claroty tackles these risks to ensure cyber and operational resilience are within reach. Its product portfolio delivers
purpose-built cybersecurity controls that identify, protect, monitor, and optimize all OT, IoT, and BMS assets, systems,
and processes in customers’ industrial environments.
Brief description of solution/service
Claroty empowers industrial, healthcare, and commercial organizations to secure all cyber-physical systems in their
environments: the Extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing
infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection, and
secure remote access.
What technologies and/or innovations are applied/deployed in this solution/service?
Claroty utilizes proprietary Deep Packet Inspection technology to identify and monitor all assets in an enterprise's XIoT
infrastructure. This includes all proprietary protocols utilized by industrial, medical, and commercial equipment vendors.
Claroty also identifies all vulnerabilities, risks, anomalies, and threats in an environment, and leverages its industry leading
research team to provide the most comprehensive cyber resilience platform available.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Claroty’s customer base in APAC includes Coca-Cola EuroPacific Partners (Australia, Pacific, Indonesia), BHP, IRPC Public
Company Limited, Aboitiz Power, and over 100 others spanning the following industries: Automotive, Chemicals,
Consumer Products, Electric, Food & Beverage, Healthcare, Heavy Industry, IT Hardware, Mining & Materials, Oil & Gas,
Pharmaceuticals, Transportation, and Water & Waste.
IRPC Public Company Limited is a petrochemical complex in Southeast Asia that manufactures a range of petroleum
products, with a refinery that produces up to 215,000 barrels per day. The company needed to secure the growing
number of IoT devices being used to monitor, analyze, and implement changes to the operational environment. It also
needed to establish secure remote access to its production plant without the team having to be onsite, and to perform
real-time threat monitoring on remote users, during the COVID-19 pandemic.
This led IRPC to work with Claroty. Combined with Yokogawa’s SOC services, The Claroty Platform has empowered IRPC to
achieve real-time monitoring of ICS networks and processes; automatic tracking of changes to its OT and IoT assets;
detection of cyber threats, risks, and ICS process anomalies; and secure remote access functionalities across seven
production sites.
What security-related issues did your organization desire to address with this solution/service?
- Attack surface management: Discover, normalize, and optimize data across all disparate security and networking technologies. Network modeling identifies exposure and compliance risk.
- IT/OT: Eliminate OT security blind spots, reduce risk, and maintain compliance with regulatory frameworks. Unlock complete visibility, analytics and automation across IT, OT, and hybrid cloud environments.
- Cloud adoption and migration: Analyze access to multiple cloud workloads in both public and private clouds. Reduce risk by validating access across hybrid environments.
- Security automation: Easily prioritize multiple remediation options. Automate simple tasks to fast-track SLAs. Develop an automated cross-functional ticketing process for effective policy updates.
Brief description of solution/service
to Security Posture Management to drastically reduce the likelihood of a breach. We identify where true exposure lies across IT, OT, and hybrid cloud environments, prioritize exploitable vulnerabilities, and identify remediation strategies – including mitigation options beyond patching.
What technologies and/or innovations are applied/deployed in this solution/service?
The most accurate exposure analysis: Identifying an exploitable vulnerability is only part of the equation. Unlike
others, we use network modeling to correlate vulnerabilities with a customer’s configurations and controls for path analysis.
Proprietary risk scoring: We calculate risk scores by factoring four critical variables, including CVSS severity, exploitability, asset importance, and exposure that is based on the security controls and configurations across the network.
Attack simulation: Our attack simulations attempt to exploit all vulnerabilities on all assets (even unscannable). Administrators can view simulation results including threat origin, network segment, business unit, or asset, to determine the best remediation approach.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Please check our new case studies on our website:
https://www.skyboxsecurity.com/#case-studies
Oil and gas: https://www.skyboxsecurity.com/resources/case-study/oil-gas-companies-accelerate-vulnerability-remediation/
Energy company: https://www.skyboxsecurity.com/resources/case-study/energy-company-vulnerability-control-case-study/
Service Provider: https://www.skyboxsecurity.com/resources/case-study/service-provider-reduces-firewall-management-costs/
What security-related issues did your organization desire to address with this solution/service?
Cloud and mobility are empowering businesses to be more agile and competitive. Employees, customers, and partners are
leveraging SaaS applications as well as the public cloud to deploy their own applications. The users accessing these
services are increasingly mobile and business is happening everywhere—and more likely off the corporate network than
on it. A legacy hub-and-spoke network and castle-and-moat security model, which worked well in the past, does not work
anymore. The cloud and mobile world requires a new approach to networking, a new approach to security.
Brief description of solution/service
The Zscaler Zero Trust Exchange™ is a modern approach that enables fast, secure connections and allows your
employees to work from anywhere, using the internet as the corporate network. The platform guarantees the shortest
path between your users and their destinations, providing comprehensive security and an amazing user experience.
What technologies and/or innovations are applied/deployed in this solution/service?
The Zscaler Zero Trust Exchange™ features Zscaler Internet Access™ (ZIA) and Zscaler Private Access™ (ZPA). These
solutions leverage Secure Web Gateway, Cloud Application Visibility & Control, In-line Malware Prevention, AI-Powered
Phishing & C2 Detection, Advanced Data Loss Prevention (DLP), Out-of-Band Cloud Access Security Broker (CASB),
Standard Digital Experience Monitoring, Cloud-Gen Firewall & IPS, Cloud-Gen Sandbox, Attacker Deception,
Dynamic risk-based policy, Zscaler IRIS, Advanced CASB, AI-Powered Cloud Browser Isolation, Advanced Digital Experience Monitoring,
Risk-based policy engine, Unified agentless and agent-based access, App discovery, AI-powered app segmentation,
User-to-app segmentation, User-to-device segmentation, Workload-to-workload segmentation, App Protection, Integrated
deception, Privileged Remote Access and Cloud Browser Isolation.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We have supported clients across a range of industries – from agriculture and transportation to healthcare and public
sector.
One organization that has benefited from our Zscaler Zero Trust Exchange™ is one of the largest, and oldest,
Tokyo-based pharmaceutical companies, Takeda. The company was undergoing a massive merger exercise with Shire PLC. With the
merger, the team had to integrate an incongruous patchwork of network hardware technologies. The merger also
accelerated Takeda’s migration to the cloud.
ZPA has enabled the IT team to:
- Secure Takeda’s transition to fully-remote operations
- Gain significant cost savings by retiring its firewall hardware and costly networks
- Fast user experience for remote work
Another organization that has benefited from our solution is the Commonwealth Grant Commission (CGC) in Australia.
The agency was looking to replace its aging access infrastructure and improve performance to access cloud-based
solutions. With the Zscaler solutions, CGC’s staff have the flexibility to work from any location while still enjoying the
same level of security they would have when in the office. The roll-out also ensured that the COVID-19 lockdowns created
minimal disruptions as the team had to work remotely. It also helped CGC to realize significant cost savings.
What security-related issues did your organization desire to address with this solution/service?
Threat detection techniques have advanced from simpler network-based detection solutions to technologies focused on
improving detection times, alerting, and mitigating attacks in real-time. Solutions today must deliver detection and
remediation for all critical infrastructure and data. The Hillstone Server Breach Detection System, sBDS, detects, analyzes,
and blocks multi-layer, multi-stage threats that target critical servers and hosts. The flexibility and adaptability of sBDS is
what allows it to be a suitable protection solution for your critical assets. With sophisticated technology built on the
well-accepted cyber kill-chain and the upcoming MITRE ATT&CK framework, sBDS mitigates known and unknown threats.
Brief description of solution/service
Hillstone sBDS delivers comprehensive threat correlation analytics for advanced threat detection.
What technologies and/or innovations are applied/deployed in this solution/service?
Hillstone sBDS includes traditional signature-based technology and large-scale threat intelligent data modeling and user
behavioral analytics. It detects advanced threats including ransomware and crypto-mining malware. With deep threat
hunting analytics, it helps detect IOCs, locate risky hosts and servers, and restore the attack kill chain. sBDS detection
capability is enhanced to encompass application layer detection by utilizing various styles of advanced threat detection,
such as baseline modeling, abnormal behavior detection, unknown malware detection, and others. sBDS can digest
collected information thoroughly by assessing the risk via threat forensics, callback to a knowledge base, and elaborate
details on threat behavior.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Hillstone sBDS has been deployed in production environments globally, across major industries, including Higher
Education and Government. A regional government supporting half a million citizens distributed across multiple dozen
municipalities and provinces needed to protect their critical infrastructure and ensure 24/7/365 availability for its
stakeholders. They needed help to monitor network activity, increase visibility into internal device usage, and protect their
infrastructure against threats. The customer deployed the Hillstone I-Series sBDS, to help them identify advanced threats
that lurk within internal networks or are brought in from BYOD from their employees and users. Along with deep threat
analysis capabilities and network traffic analytics (NTA), sBDS detected attacks from unknown threats, to protect their
high-value critical servers and prevent them from leaking or stealing confidential data. It also detected IOC (Indicator of
Compromise) events and abnormal traffic, restored the threat attack chain, and provided broad visibility into the analysis
and mitigation of threat intelligence. The solution helped scan the internal network for lateral movements, filtered
suspicious activity and unauthorized data access, with an eye on network traffic between critical servers.
What security-related issues did your organization desire to address with this solution/service?
Today, there are too many surfaces to defend, too many siloes between teams, and too little context. VMware Carbon
Black Cloud simplifies the cloud security stack by consolidating multiple endpoint security and IT capabilities, minimizing
incident-response downtime and enabling customers to operate faster and more effectively with built-in security.
Brief description of solution/service
VMware Carbon Black Cloud is a comprehensive solution that delivers cloud-native endpoint protection. It combines the
intelligent system hardening and behavioral prevention needed to keep emerging threats at bay while proactively
uncovering attackers’ behavior patterns, empowering defenders to stop emerging attacks, and analyzes over 1 trillion
security events per day.
What technologies and/or innovations are applied/deployed in this solution/service?
Next-generation antivirus and behavioral EDR; Managed alert monitoring and triage; Real-time device assessment and
remediation; Threat hunting and containment
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
VMware Carbon Black Cloud is used by industries in Asia Pacific that range from manufacturing and media to healthcare
and retail.
When the Philippines went into a nationwide lockdown in response to COVID-19, Accent Micro Technologies (AMTI)
provided laptops and mobile devices to its employees so they could continue to provide service to customers. To manage
and secure these devices, AMTI rolled out VMware Carbon Black Cloud to the devices remotely with minimal disruptions.
As a result, AMTI recorded its highest-ever growth in revenue and profitability in 2020, despite the crisis.
In another customer success story, VMware Carbon Black Cloud allowed Australia Post to securely manage devices,
including BYOD, to better support thousands of employees to securely work remotely. Australia Post is fundamental to
Australia’s economy as an essential community service. It sends billions of items each year, has an extended workforce of
70,000, and has expanded into financial and identity services.
What security-related issues did your organization desire to address with this solution/service?
Qualys Cloud Platform provides an end-to-end solution, allowing enterprises to avoid the cost and complexities that
come with managing multiple security vendors. It automatically gathers and analyzes IT, security, and compliance data in a
scalable, state-of-the-art backend. Provisioning any of Qualys’ natively integrated security and compliance apps - twenty
and counting - is as easy as checking a box. With Cloud Agent technology, there’s no need to schedule scan windows or manage credentials for scanning. Continuous
Monitoring enables organizations to proactively address potential threats while real-time alerts notify security teams to
take immediate action.
Brief description of solution/service
The Qualys Cloud Platform offers continuous, always-on assessment of global IT, security and compliance posture for
enterprises with 2-second visibility across all IT assets, wherever they reside. It also includes automated, built-in threat
prioritization, patching and other response capabilities, providing a complete, end-to-end security solution that helps
organizations reduce risk.
What technologies and/or innovations are applied/deployed in this solution/service?
Whether on premises, at endpoints, on mobile, in containers or in the cloud, OT and IoT, Qualys Cloud
Platform sensors are always on, providing continuous 2-second visibility of all IT assets.
It provides an end-to-end solution to enable enterprises to avoid the cost and complexities that come with managing
multiple security vendors.
• 8+ trillion data points indexed in Elasticsearch clusters
• 2+ trillion security events per year
• 6+ billion IP scans and audits per year
• 5+ billion Kafka messages per day
• 20+ apps - Integrated IT, security and compliance apps
• 99.9996% Six Sigma scanning accuracy
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Qualys Cloud Platform is used by a wide range of organizations across Asia Pacific to help them reduce cyber risk.
Hong Kong based G2A relies on the Qualys Cloud Platform to secure the world’s largest digital gaming marketplace.
Leveraging the Qualys Cloud Platform, G2A gathers rich, accurate data on vulnerabilities across its IT landscape: from
employee workstations in its offices to containerized applications on the Kubernetes platform. Paweł Kowalik, IT
Infrastructure Administrator, comments: “Qualys solutions significantly outperformed other tools for vulnerability
management in terms of the depth and breadth of the information they provide. We also like the fact that we can access
detailed reports via the Qualys Cloud Platform, which are available to us 24/7.”
JG Summit Holdings, Inc. has played a key role in serving its domestic markets across the Philippines. Gonz Gonzales, CISO,
noted, “Whenever there’s a question about whether an asset is at risk, we trust Qualys dashboards to give us the answer
instantly. While we’ve seen an unprecedented number of zero-day exploits, Qualys solutions give us peace of mind that
our mission-critical systems are protected. Equally importantly, the rich data from the Cloud Platform is contributing to
faster and better-informed decisions on our defensive posture.”
What security-related issues did your organization desire to address with this solution/service?
While enterprises are increasingly using the cloud to drive innovation and digital transformation, the scale, complexity, and rate of change in cloud environments, combined with a lack of unified visibility into the various cloud services being used, often forces security teams to choose between slowing the pace of innovation or taking on massive amounts of unmanaged risk. InsightCloudSec features real-time, event-based detections and automated remediation to help organisations more quickly respond to security or compliance exposures across multi-cloud environments.
Brief description of solution/service
InsightCloudSec is a fully-integrated, cloud-native security platform that combines market-leading functionality across cloud security posture management (CSPM), cloud workload protection (CWP), infrastructure as code (IaC) security, and cloud infrastructure entitlement management (CIEM) to surface and eliminate risks caused by misconfigurations, policy violations, vulnerabilities, and identity and access management (IAM) challenges.
What technologies and/or innovations are applied/deployed in this solution/service?
InsightCloudSec’s agentless deployment and unified data model allow customers to see their entire multi-cloud footprint in a single place with shared terminology across cloud service providers, eliminating the need to translate vendor terms or develop separate policies for each cloud provider.
The product also features differentiated, event-based detections and automated workflows, enabling customers to automatically detect and remediate high-risk activities within 90 seconds of a change occurring in their cloud environment.
The depth and customizability of security and compliance checks across AWS, Microsoft Azure, Google Cloud Platform, Alibaba Cloud, and Oracle Cloud provide coverage that is unmatched by other solutions.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
One of the many benefits InsightCloudSec offers to customers across industries, including media and technology, is the capability to detect and remediate risks for innovation in the cloud without compromise.
In the era of cloud streaming, when Discovery, Inc. was challenged to change the way it delivered content to consumers, it chose to transform into a cloud-first company. With InsightCloudSec, Discovery can now support multiple cloud service providers, enabling diverse business units to choose tools without creating chaos at the enterprise level or sacrificing security, availability, or compliance. Discovery embraced automation in their multi-cloud journey, allowing quick corrective action to resolve routine issues and productively streamlining issues requiring elevation.
Helping customers turn raw data into business outcomes with a multi-cloud integration and analytics platform, Qlik needed to implement a multi-cloud and compliance strategy that allows employees self-service in an increasingly complex environment. With InsightCloudSec, Qlik sees a higher rate of employee-initiated remediation across the board. Qlik also deploys scenarios of working environments for sales demos in about 15 minutes while ensuring RDP and SSH access is done by the corporate VPN, and that HTTPS access is behind a web application firewall, thereby allowing them to track and detect malicious activity.
What security-related issues did your organization desire to address with this solution/service?
Acronis Cyber Protect Cloud offers backup and recovery: fast and reliable recovery of applications, systems, and data on any device, from any incident. Acronis’ anti-malware software offers next-generation, full-stack protection against malware, plus AI-based ransomware and cryptomining detection. Lastly, Acronis Cyber Protect Cloud provides security and management, offering comprehensive, powerful endpoint management with an easy-to-use UI, saving IT resources.
Brief description of solution/service
Acronis Cyber Protect Cloud is the only solution that natively integrates cybersecurity, data protection and management to protect endpoints, systems and data. This synergy eliminates complexity, so service providers can protect customers better while keeping costs down.
What technologies and/or innovations are applied/deployed in this solution/service?
One of the first integrated data protection and cybersecurity solutions on the market that combines data backup, disaster recovery, and restoration with AI-powered anti-malware, cybersecurity and endpoint management features such as vulnerability assessment and patch management, URL filtering, drive health control, and forensics capabilities for a single comprehensive cyber protection tool.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Used by over 20,000 service providers to protect over 750,000 businesses.
What security-related issues did your organization desire to address with this solution/service?
Many organisations currently leverage consultant-driven exercises to understand if they are vulnerable to cyberattacks.
However, these point-in-time exercises no longer enable organisations to defend themselves from emerging
vulnerabilities. Now, vulnerabilities can be discovered and exploited within hours, giving organisations a small window to
react and protect themselves. By leveraging our technology, combined with our expertise, the watchTowr Platform arms
organisations with this information. The watchTowr Platform is constantly updated and enhanced by a team of experts,
who codify adversarial tactics and techniques into the watchTowr Platform, automatically and continuously analysing
attack surfaces at scale.
Brief description of solution/service
watchTowr provides organisations with a continuous, real-time view of their external attack surface - through the eyes of
a sophisticated attacker. Pairing world-class technology, with some of the world’s best offensive cyber security experts,
watchTowr empowers organisations to continuously identify vulnerabilities that would allow an attacker to compromise
an organisation.
What technologies and/or innovations are applied/deployed in this solution/service?
watchTowr's Adversary Sight technology gives organisations a comprehensive view of their external attack surface by
incorporating the same discovery tactics and techniques that real adversaries utilize. Its Continuous Assurance
technology mimics the persistence and aggression of real-world adversaries and continuously probes
entire external attack surfaces for high-impact vulnerabilities. It also provides real-time reporting and insights: on-demand
reporting outputs, aligned to cybersecurity regulatory guidelines and industry standards, are available via dashboard, APIs,
and in exportable formats. Because of these, organisations are given true attack surface visibility, real-time assurance, and an
opportunity to act rapidly with a scalable approach and no blind spots.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
watchTowr has deployed its services for some of the world’s leading banks, financial services, insurance companies (BFSI),
as well as ecommerce and technology brands in Asia Pacific. Given the nature of cyber security work, clients and specific
work cannot be shared - but the watchTowr Platform has identified numerous high-impact vulnerabilities across
organisations in BFSI, while at the same time delivering a 300-400% increase in attack surface visibility and enabling large
enterprises to react to vulnerabilities like Log4Shell in 2 hours.
What security-related issues did your organization desire to address with this solution/service?
The threat landscape is constantly changing with the introduction of new technologies and attack vectors. Some of the most preeminent threats in recent years are zero-day application exploits, credential stuffing/account abuse, DDoS and ransomware. Having visibility into whether vulnerabilities are being exploited and the ability to mitigate them quickly is crucial as we continue to see zero-day attacks happening with increasing frequency. Edgio aims to provide a holistic solution for protecting against all these application, botnet and DDoS attacks with a single pane of glass, to ensure these protective measures complement each other and improve operational efficiency in cybersecurity.
Brief description of solution/service
Edgio is an edge-powered ecosystem where developers have direct access to scaled, multi-layered, enterprise-grade security solutions and integrated tools for creating, managing, and deploying sites and applications—at sub-second speed-to-market. With security in our DNA, Edgio provides the most complete and powerful edge-enabled security solution that’s built on our massive 250Tbps edge platform.
What technologies and/or innovations are applied/deployed in this solution/service?
The Edgio App Security solution takes a multilayered approach to infrastructure protection and web application security to shield businesses and reputation from the latest in application-layer attacks. Our DDoS protection shields businesses against attacks designed to overwhelm infrastructure, and our WAAP includes a unique dual WAF inspection mode to make it easier for implementation and analyzes proposed rule changes against live traffic with no interruption to performance. As a fully PCI compliant solution, Edgio protects businesses against OWASP Top 10 security risks, remote code execution (RCE), SQL injection (SQLi), cross-site scripting (XSS), credential stuffing, scraping, DDoS attacks, and other security threats.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We recently witnessed one of the largest network layer DDoS attacks (UDP Flood) targeting one of our large e-commerce customers based in APAC that sells computers, mobile phones and their accessories. The attack originated from Europe and reached 355 million packets per second (Mpps) despite the client being in Asia, and it was immediately mitigated by Edgio’s PoPs in the EU, close to where the attack originated.
Edgio utilized our proprietary software-based DDoS mitigation system called Stonefish. The Stonefish system constantly samples all traffic coming through our 250Tbps global network, and as soon as it detected the attack, it pushed a network filter to block the DDoS attack signature. All of this was done without impacting the customer at all, since no attack ever reached the customer’s network. To
What security-related issues did your organization desire to address with this solution/service?
Data privacy is a guideline for how data should be collected or handled based on its sensitivity and importance. Data protection provides tools and policies to restrict access to the data. Common methods used are encryption for confidentiality and digital signing for integrity. Since 1983, Utimaco has been developing key management and hardware-based, high-security appliances (Hardware Security Modules). Utimaco is a world-market leader in both segments. Customers and partners of Utimaco in all parts of the world trust the company’s long-term, proven reliability and investment protection, as well as its many certified IT security standards. Utimaco stands for recognized product quality, user-friendly software, excellent support and trusted high security—made in Germany.
Brief description of solution/service
UTIMACO is a global platform provider of trusted Cybersecurity and Compliance solutions and services with headquarters in Aachen (Germany) and Campbell, CA (USA). UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions for regulated critical infrastructures and Public Warning Systems. UTIMACO is one of the world's leading manufacturers in its key market segments.
What technologies and/or innovations are applied/deployed in this solution/service?
Cryptography, Key management, Identity management, Hardware Security Modules (HSM)
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Our solutions and services have been deployed in Singapore, Japan, India, Malaysia, Indonesia, Vietnam, Hong Kong and China across industries such as banking and finance, telco, manufacturing and the public sector (government).
Some significant achievements with these deployments include efficient and secured check clearance in banking and financial services, data production in public service and secure authentication in telecommunications.
What security-related issues did your organization desire to address with this solution/service?
Approximately 75% of security budgets go to preventing intrusion, and yet, over 80% of organizations have experienced a ransomware incident in the past 5 years.
Once the attacker has breached the network, they deploy a chain of attack tactics—aka The Midgame—moving laterally through the network, trying to get the largest blast radius for both exfiltration and encryption. They target assets like Linux machines, databases, and other devices that aren’t instrumented to try to evade detection.
But the Midgame on the network is very noisy. And if you’re monitoring network behavior, it’s also very obvious. ExtraHop Reveal(x) 360 stops ransomware in the Midgame.
Brief description of solution/service
ExtraHop is a cybersecurity company providing AI-based network intelligence that stops advanced threats already inside your cloud, hybrid, and distributed environments. We apply advanced AI, behavioral analytics, and decryption to live network telemetry to detect, investigate, and respond 84% faster to post-compromise activity—including almost 90% of MITRE ATT&CK techniques.
What technologies and/or innovations are applied/deployed in this solution/service?
ExtraHop uses a suite of proprietary cloud-scale machine learning algorithms covering network behavior profiling, attack detection, and detection investigation. Examples of algorithms used include device clustering, device criticality inference, time-series analysis, anomaly detection, graph-based learning, and text classification. ExtraHop also applies a curated threat intelligence feed of IoCs for known threats. Real-time intelligence is derived from petabytes of anonymized threat telemetry collected daily by ExtraHop.
The company’s real-time stream processor transforms unstructured network packets into structured wire data at line-rate. With support for line-rate decryption and a fluency in over 70 enterprise protocols, ExtraHop Reveal(x) generates more than 4,600 built-in, network-derived metadata inputs for the multitude of behavioral and rules-based analysis to identify suspicious activities and threats.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
ExtraHop has been deployed across the financial services, government, healthcare and technology industries in Asia Pacific.
The Government Service Insurance System needed an effortless solution to make detection and response of suspicious activity easier. Jonathan Pineda, Chief Information Security Officer and Data Protection Officer, deployed ExtraHop as it possesses the tools and reduces man hours.
Seokeun Jang, Head of Information Security Operation, NCSoft, needed a solution that was easy to deploy and able to meet the large-capacity processing conditions that are required by their users. ExtraHop's real-time decryption of encrypted traffic ensures that any blind spots in traffic monitoring can be avoided, offering tremendous support beyond the deployment.
Vocus New Zealand, a leading provider of specialist fibre and network solutions, needed a detection and response solution that was easy to use and deploy, scalable, and could proactively analyse in real-time their corporate network and cloud traffic, as well as identify any anomalies on the VPN from remote users accessing the network.
Reveal(x) enables Vocus to support its decentralised workforce with real-time visibility, threat detection, and strong investigation capabilities that extend across its hybrid, multi-cloud environment, including the critical VPN infrastructure that supports its remote workforce.
What security-related issues did your organization desire to address with this solution/service?
Virtualization technology exacerbates traditional security issues, leading to a lack of clear boundaries (edge) or visibility
into virtual workloads. Additionally, huge maintenance workloads exist in virtualized environments, due to the way that
virtual machines can be quickly deployed and retired, as compared to bare metal machine deployments, making security
administration a heavy overhead for security admins.
Brief description of solution/service
With a rich set of features and flexible compatibility with popular cloud platforms including AWS, Microsoft Azure, and
Alibaba Cloud, CloudEdge is easily deployed as a virtual firewall delivering comprehensive cloud infrastructure protection
for virtualized workloads.
What technologies and/or innovations are applied/deployed in this solution/service?
CloudEdge is equipped with a rich set of edge protection capabilities for North-South traffic in all clouds. To enable
network functions virtualization (NFV) deployment on telco clouds, CloudEdge supports high-performance networking
with SR-IOV, allowing for seamless carrier-grade security on mobile, wired, and IoT networks. It supports a wide range of
hypervisors, including VMware ESXi, Linux KVM, Xen and Hyper-V, ensuring complete cloud protection. Drop-in support
for VMware and OpenStack allows for a protection framework everywhere regardless of underlying cloud platform, allowing
cloud security teams to create a standardized set of policies and enforcement that spans public and private cloud
environments.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
CloudEdge has been deployed in production environments across all industries globally, including Higher Education,
Telco and Manufacturing. For a Higher Education organization, CloudEdge delivered advanced threat protection, network
functions with high performance and simplified their network architecture which previously required a lot of rack space,
energy as well as lacked a unified management platform and operational flexibility. The institution served nearly 40K
students, 3000 faculty, as well as 200,000 alumni dispersed globally.
A large Telco who serviced 135 million subscribers worldwide needed to virtualize their IT environment, automate basic
operations, deliver high availability and high Quality of Service to keep their clients satisfied. CloudEdge not only met but
greatly exceeded user expectations in terms of resource usage, throughput, concurrent session, new session, and number
of NAT policies.
In the Manufacturing industry, a diversified transportation company who did business in 12 countries with 15 regional
offices, supported by over 400 employees, needed to access critical services in the cloud. The High Availability features in
different availability zones in the cloud provider addressed the customer’s requirements. Hillstone exceeded their
expectation with an easy-to-use user interface and solution features.
What security-related issues did your organization desire to address with this solution/service?
As cyberattacks get more prevalent, organizations need a security approach that inspects every traffic flow, not just
north-south, but also east-west. NSX makes operationalizing Zero Trust security attainable and efficient for applications
in data centers, and private and public cloud environments. Whether the goal is to lock down critical applications, create a
logical demilitarized zone in software or reduce the attack surface of a virtual desktop environment, NSX enables
micro-segmentation to define and enforce network security policy at the individual workload level. Data center operators can
now achieve levels of agility, security and economics that were previously unreachable.
Brief description of solution/service
Traditional firewall solutions are not able to deliver the scalability, agility, and cost effectiveness needed by today’s
security teams. VMware NSX Distributed Firewall is distributed, service-aware, and operationally simple—making it easy to
operationalize east-west security at the scale needed across today’s multicloud world.
What technologies and/or innovations are applied/deployed in this solution/service?
NSX Distributed Firewall (DFW) is a software-defined Layer 7 firewall purpose-built to secure multi-cloud traffic across
virtualized workloads. It provides stateful firewalling with IDS/IPS, sandboxing, and NTA/NDR—delivered as software and
distributed to each host. With complete visibility into applications and flows, NSX DFW delivers superior security with
policy automation that’s linked to the workload lifecycle. Unlike traditional firewalls that require network redesign and
traffic hair-pinning, NSX DFW distributes the firewalling to each host, simplifying the security architecture. This allows
security teams to easily segment the network, stop the lateral movement of attacks, and automate policy in a simpler
operational model.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
VMware NSX is deployed across industries in APJ.
To protect a business-critical, consumer-facing mobile application, a global telecommunications company based in the
region with 400 million users in more than a dozen countries needed to segment and secure large amounts of network
traffic on its in-house infrastructure. The company’s hardware-based firewall could not scale to protect all workloads and
traffic across dev/test, production and demilitarized zones.
Because the traffic was hair-pinned to and from the firewall appliances, the company experienced performance issues
during traffic spikes when new versions of the application were released. The traditional firewall also did not have enough
capacity in its rule tables to support all the rules required to protect the application’s complex back-end infrastructure.
The telecommunications company is replacing more than 200 firewall appliances with the VMware Distributed Firewall,
giving it a single firewall model and management console for the entire infrastructure. VMware simplifies operations for
the company and eliminates performance bottlenecks. Within the Distributed Firewall, security tags simplify management
of firewall rules by allowing policies to be expressed using tags rather than an IP address. This gives the company greater
agility and speed for adding new workloads, and moving or decommissioning existing ones.
What security-related issues did your organization desire to address with this solution/service?
Today, new technologies emerge and transform businesses, whether it's the Internet of Things (IoT), 5G technology, or the
adoption of cloud and mobile computing. Each of these new technologies adds new levels of risk, complexity, and cost to
securing the organization’s data and intellectual property.
As the pandemic continues to impact businesses, companies have increasingly adopted hybrid work models and
distributed work environments, which in turn increase cybersecurity risks for remote employees.
Furthermore, the increased sophistication, volume, and variety of threats include advanced persistent threats (APTs),
encrypted attacks, cybercriminal activity, spam, ransomware, and malware.
Brief description of solution/service
SonicWall award-winning next-generation firewalls (NGFW) provide the security, control, and visibility you need to
maintain an effective cybersecurity posture for your network. The next-generation platform gives you an edge over
evolving threats alongside performance and scalability. Designed for all sizes, SonicWall firewalls meet specific security
and usability needs cost-effectively.
What technologies and/or innovations are applied/deployed in this solution/service?
Next-generation firewalls (NGFWs), unlike their predecessors, deliver deeper security across wired and wireless networks,
combining TLS/SSL decryption, intrusion prevention, and network-based malware protection. NGFWs block sophisticated
threats as they are designed with scalable, multi-core hardware, and based on patented Real-Time Deep Memory
Inspection (RTDMI) and patented, single-pass, low latency, Reassembly-Free Deep Packet Inspection® (RFDPI) engines.
They identify intrusions and malware through payload inspection and repeated normalization and decryption to
neutralize advanced evasion techniques. RTDMI uses memory inspection, CPU instruction tracking, and machine learning
to recognize and mitigate cyberattacks including threats, identifying 442,151 “never-before-seen” malware variants in
2021 alone.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Over 500,000 customers globally use SonicWall Next Generation Firewalls (NGFW) ranging from governments, BFSI,
manufacturing, Energy and Utilities, High-Tech, IT/ITES, Retail, eCommerce, and Healthcare, to name a few. SonicWall
NGFWs secure IT assets including on-premise infrastructure, data centers, networks, hybrid and multi-cloud
environments, distributed and branch environments, mobile and remote workforce, etc.
SonicWall NGFWs were deployed for a large energy enterprise customer with a global footprint having offices in different
parts of the globe. Given the critical nature of the customer’s operations, the need for security was paramount, and
SonicWall NGFWs delivered:
• Enterprise-grade protection
• Improved Protection Capability and Security Effectiveness
• High Performance and Reliability
• Ease of Management and Visibility
• Broad Platform Support and Flexible Deployment
• Cost Effectiveness
What security-related issues did your organization desire to address with this solution/service?
As organizations adjust to a work-from-anywhere model, the adoption of cloud services continues to expand. As a result, enterprises are looking at deploying SSE solutions to help them address their security architectures without compromising their network performance and connectivity. Aruba EdgeConnect Enterprise aims to deliver business-first networking, reduced network complexity, improved application performance, and efficient connectivity between users and applications residing in the cloud and data center without compromising security, all through the edge to the cloud.
Aruba provides better and faster networks, fueled by the accelerating digital transformation today; and Aruba EdgeConnect SD-WAN covers businesses of all locations and any size to deliver consistent end user (and device) quality of experience and security policy enforcement.
Brief description of solution/service
The Aruba EdgeConnect Enterprise SD-WAN with its seamless integration of best-of-breed Security Service Edge (SSE) reduces networking complexity, improves application performance, and enables more efficient connectivity between users and applications residing in the cloud and data center. SSE is a security component of SASE that unifies all security services to provide both data and threat protection.
What technologies and/or innovations are applied/deployed in this solution/service?
Aruba EdgeConnect Enterprise provides customers with the freedom of choice to deploy best-in-class security vendors with automated orchestration. The integration is done with leading network cloud security vendors, including Zscaler, Netskope, Check Point, McAfee, and more. SSE is an architecture that leverages advanced SD-WAN and cloud-delivered security without compromising functionality and is delivered by cloud security vendors such as Zscaler, Netskope and Check Point with the API or service orchestration integrations with SD-WAN platforms like EdgeConnect. This integration allows customers to deploy multiple best-in-class security partners in minutes with Aruba, and enables the secure connectivity of applications, across cloud providers, data centers and branch sites, fulfilling the first requirement.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Aruba’s EdgeConnect solution has been deployed to cloud and business-first enterprises across Asia Pacific (Southeast Asia, China, Japan, South Korea, ANZ, India).
For example, Cushman & Wakefield, one of the largest real estate services firms, was pioneering the use of cloud services and platforms to empower its employees and customers worldwide. This required the organization to provide users with fast and secure access to critical applications across the globe. Aruba EdgeConnect SD-WAN platform enabled a business-driven WAN architecture that the organisation was able to integrate to provide application-based routing, traffic filtering and comprehensive SD-WAN capabilities such as path conditioning, quality of service (QoS), and dynamic path control. The organization also leveraged SSE, which provided each location with local internet breakout while enforcing security controls over traffic flow. By consolidating on the EdgeConnect platform and adopting Zscaler cloud security, Cushman & Wakefield expects to see OPEX savings of $1.5 million per year.
What security-related issues did your organization desire to address with this solution/service?
Cloud and mobility are empowering businesses to be more agile and competitive. Employees, customers, and partners are
leveraging SaaS applications as well as the public cloud to deploy their own applications. The users accessing these
services are increasingly mobile and business is happening everywhere—and more likely off the corporate network than
on it. A legacy hub-and-spoke network and castle-and-moat security model, which worked well in the past, does not work
anymore. The cloud and mobile world requires a new approach to networking, a new approach to security.
Brief description of solution/service
The Zscaler Zero Trust Exchange™ is a modern approach that enables fast, secure connections and allows your
employees to work from anywhere, using the internet as the corporate network. The platform guarantees the shortest
path between your users and their destinations, providing comprehensive security and an amazing user experience.
What technologies and/or innovations are applied/deployed in this solution/service?
The Zscaler Zero Trust Exchange™ features Zscaler Internet Access™ (ZIA) and Zscaler Private Access™ (ZPA). These
solutions leverage Secure Web Gateway, Cloud Application Visibility & Control, In-line Malware Prevention, AI-Powered
Phishing & C2 Detection, Advanced Data Loss Prevention (DLP), Out-of-Band Cloud Access Security Broker (CASB),
Standard Digital Experience Monitoring, Cloud-Gen Firewall & IPS, Cloud-Gen Sandbox, Attacker Deception, Dynamic
risk-based policy, Zscaler IRIS, Advanced CASB, AI-Powered Cloud Browser Isolation, Advanced Digital Experience Monitoring,
Risk-based policy engine, Unified agentless and agent-based access, App discovery, AI-powered app segmentation,
User-to-app segmentation, User-to-device segmentation, Workload-to-workload segmentation, App Protection, Integrated
deception, Privileged Remote Access and Cloud Browser Isolation.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We have supported clients across a range of industries – from agriculture and transportation to healthcare and public
sector.
One organization that has benefited from our Zscaler Zero Trust Exchange™ is one of the largest, and oldest,
Tokyo-based pharmaceutical companies, Takeda. The company was undergoing a massive merger exercise with Shire PLC. With the
merger, the team had to integrate an incongruous patchwork of network hardware technologies. The merger also
accelerated Takeda’s migration to the cloud.
ZPA has enabled the IT team to:
• Secure Takeda’s transition to fully-remote operations
• Gain significant cost savings by retiring its firewall hardware and costly networks
• Deliver a fast user experience for remote work
Another organization that has benefited from our solution is the Commonwealth Grant Commission (CGC) in Australia.
The agency was looking to replace its aging access infrastructure and improve performance to access cloud-based
solutions. With the Zscaler solutions, CGC’s staff have the flexibility to work from any location while still enjoying the
same level of security they would have when in the office. The roll-out also ensured that the COVID-19 lockdowns created
minimal disruptions as the team had to work remotely. It also helped CGC to realize significant cost savings.
What security-related issues did your organization desire to address with this solution/service?
As the remote/hybrid workforce increases, secure access anywhere, anytime, and on any device has become critical.
Emails, collaboration tools, data, and application access create potential and exploitable vulnerabilities. According to the
2022 SonicWall Cyber Threat Report, ransomware attacks rose 105% year-over-year targeting government (+1,885%),
healthcare (755%), and education (152%) primarily. As IT Operations deal with Bring Your Own Device (BYOD), Choose
Your Own Device (CYOD), Corporate-Owned Personally Enabled (COPE), establishing appropriate policies for each type
becomes cumbersome. Enterprise-managed devices depend heavily on user services and security teams, thus
necessitating a global, all-pervasive enterprise solution.
Brief description of solution/service
SonicWall Secure Mobile Access (SMA) solution provides anytime, anywhere, any device access to corporate resources,
bound by zero-trust granular access control. SMA delivers context-aware device authorization, and application-level VPN,
securing organizations while offering secure mobile access and identity-based privileges for fast, simple access to
applications, data, and resources.
What technologies and/or innovations are applied/deployed in this solution/service?
SonicWall SMA provides secure remote access to corporate resources, applying identity-based, policy-enforced access
controls, and application-level VPN as a hardened or virtual appliance in private clouds, ESXi, Hyper-V, AWS, or Microsoft
Azure public cloud environments.
• “Always-On-VPN” for improved security posture, and reduced threat surface area against ransomware or zero-day
malware
• Network visibility with context-aware device profiling and federated SSO using multi-factor authentication
• Central Management Server (CMS) for appliance management and reporting
• Dynamic licensing with SMA’s central management to reallocate licenses from off-peak locations to peak user locations,
alongside Spike license packs to scale user count
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
When countries experienced complete lockdown during the pandemic, business operations, availability, and productivity
were affected extensively. With employees unable to get to the office, organizations scrambled to provide access to their
network and applications as pre-pandemic most employees worked from their desks in their office. SMA solution helped
address the needs of a large number of organizations whether it was small, mid-sized, large, or government to
cost-effectively implement remote access technology to provide seamless access for their work-from-home or remote
employees within a matter of days and weeks.
SMA was implemented alongside the SuperMassive 9800 Enterprise NGFW at KL University, which has over 22,000 users.
The university wanted to protect itself from increasingly frequent and sophisticated cyberattacks, while also protecting
students from harmful content. The solution was particularly crucial in the light of the post-pandemic lockdowns of
2020, and the subsequent new normal. KL University was able to streamline its online learning platform to be able to
cater to the increased demand and diversify its course portfolio. Additionally, the always-on VPN combined with
Multi-Factor Authentication allowed for a significantly more secure environment, while also allowing content filtration, thus
achieving the university’s objectives cost-effectively and efficiently.
What security-related issues did your organization desire to address with this solution/service?
Hackers are increasingly targeting smartphones with attacks. Mobile devices are everywhere and have access to practically everything, yet most users have sub-par mobile security in place, enabling hackers to have a heyday. Ivanti MTD enables enterprises to secure corporate and employee-owned devices against threats even when those devices are offline, assisting users to be more productive. Additionally, it allows IT to identify users who have risky apps on their devices or apps that violate company policies and can disallow their use.
Brief description of solution/service
https://www.ivanti.com.sg/products/mobile-threat-defense
Ivanti Mobile Threat Defense leverages a multi-tiered approach to device, network, application and phishing protection and remediation to support the best security posture for organisations. It detects and remediates known and zero-day threats on both corporate and employee-owned mobile devices – even when those devices are offline.
What technologies and/or innovations are applied/deployed in this solution/service?
Machine learning, mobile threat detection, cloud-based phishing URL lookup
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Organizations across multiple industries in Asia Pacific have deployed Ivanti MTD to bolster their anti-phishing technical controls. Ivanti MTD offers on-device and cloud-based phishing URL database lookup to detect and remediate phishing attacks across mobile threat vectors, including text and SMS messages, instant messages, social media and other modes of communication, beyond just corporate email.
Phishing attacks leverage deception to trick individuals into clicking on malicious links that might download custom malware or redirect to a fake website that encourages them to divulge personal information. Hackers have been taking advantage of the COVID-19 pandemic by increasingly targeting mobile devices, which remote workers are using more than ever before to access corporate data, with phishing attacks.
Built into Ivanti’s leading unified endpoint management (UEM) product, MTD offers immediate, on-device phishing protection. There is no end user action required to deploy MTD on mobile devices that are enrolled in Ivanti’s UEM client; this is remotely managed by IT departments. As a result, organizations can achieve 100% user adoption, without impacting productivity. This is critical because if security gets in the way of productivity, users will find a way around it.
What security-related issues did your organization desire to address with this solution/service?
Existing cybersecurity solutions are focused on 6 of the 7 layers in OSI architecture, neglecting the physical layer. With the
X-PHY, we have addressed a glaring gap in the cybersecurity market, with this patented technological breakthrough. By
introducing an intelligent and self-learning layer of cybersecurity protection at the firmware level that functions as an
added hardware sensor, the X-PHY provides autonomous data protection on the SSD drive at the physical layer.
Brief description of solution/service
The X-PHY® Cybersecure SSD is the world’s first AI-embedded firmware-based cybersecurity solution. The integration of
the X-PHY at the core of each device grants enhanced security across the entire spectrum of IoT devices, from mobile and
PCs, to servers, and core enterprise data storage.
What technologies and/or innovations are applied/deployed in this solution/service?
With the application of AI and ML, the X-PHY detects anomalies in behavioural data access patterns and effectively shuts
down potential known and unknown incursions in real-time, without the need for human intervention. This means that
the X-PHY effectively fences off Zero Day exploitation, providing protection against a range of cyberthreats including
viruses, hardware attacks, malware, ransomware and power glitches.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We have worked with both public and private sector organisations to deploy the X-PHY Cyber Secure SSD. We have
collaborated closely with government agencies in Singapore like the Cybersecurity Agency of Singapore and Enterprise
Singapore - amongst other government agencies, in which our conversations remain confidential.
What security-related issues did your organization desire to address with this solution/service?
Built-in security features aren’t enough to protect businesses from next-generation cyberthreats. Whilst one might think
just adding on multiple, disjointed technologies might be the solution to the problem, in reality it leads to management
complexity and reduces effectiveness of the business.
To solve this, Kaspersky Endpoint Security combines multi-layered, next-generation threat protection with additional
proactive technologies such as Application, Web and Device controls, vulnerability and patch management and data
encryption into an EDR-ready endpoint agent with an extensive systems management toolkit. This provides a
straightforward protection solution for businesses.
Brief description of solution/service
Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions
and services to protect businesses, critical infrastructure, governments and consumers around the globe. Kaspersky
Endpoint Security provides straightforward protection for businesses wherever they are heading.
What technologies and/or innovations are applied/deployed in this solution/service?
Kaspersky adopts a multi-layered approach to security. Unlike single endpoint solutions, the Kaspersky Endpoint
Detection and Response (EDR) class solution provides multi-host event visibility and “heavy” methods of detection
(sandbox, deep learning models, event correlation) as well as expert tools for incident investigation, proactive threat
hunting and attack response. In addition, Kaspersky leverages Cloud threat intel through the Kaspersky Security Network
(KSN) to collect and analyze cybersecurity related data from millions of voluntary participants around the world to provide
the fastest reaction to new threats through the use of Big Data analysis, machine learning and human expertise.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government
Agencies, Telecommunications, Industrial and Healthcare. This has resulted in effective detection of threats along with
quick and intelligence-based responses which resulted in significant mitigation of financial losses. Threat intelligence
services like Kaspersky strengthen a company’s defence and contribute visibility over the threat landscape by
providing relevant and applicable insights.
What security-related issues did your organization desire to address with this solution/service?
Outdated detection and response approaches no longer work against threat actors increasingly using AI to scale their
attacks. BlackBerry’s CylanceGUARD offers a Predictive Advantage that prevents advanced threats, stopping the bad guys
at the door with pre-execution malware blocking. BlackBerry’s AI-enabled cybersecurity suite – with CylanceGUARD’s 24/7
expertise in preventing, monitoring and managing daily alerts – maximises security investment by preventing incidents
from occurring before they compromise data, operations or reputation.
Overall, CylanceGUARD optimises endpoint performance, reduces operational costs, and enhances productivity to
improve ROI. It also reduces cyber risk, maximises business operational uptime and eliminates threats as they appear.
Brief description of solution/service
CylanceGUARD® Managed XDR provides expertise and support to augment IT/security teams’ ability to detect, monitor,
respond to and prevent security breaches. It provides actionable intelligence to prevent threats, while minimising alert
fatigue, allowing in-house teams to focus on key priorities, rather than time wasted triaging alerts or recovering from
attacks.
What technologies and/or innovations are applied/deployed in this solution/service?
All BlackBerry Cylance products incorporate AI/ML. It powers all stages of the data lifecycle: ingesting, processing and
analysing data; correlating and amalgamating it into data lakes for contextual intelligence for customers. Cylance AI
provides superior malware prevention, neutralising cyberthreats before they exploit weaknesses and infiltrate systems.
• 24x7x365 multi-regional cover by expert analysts
• Cross-tool threat-hunting using telemetry from BlackBerry’s cybersecurity suite - CylancePROTECT, CylanceOPTICS,
CylancePERSONA, CylanceGATEWAY – and 3rd-party vendor sensors
• Integrated intelligence with vendors like Exabeam (XDR) 500+ data sources for best threat knowledge
• Cylance AI mobile device security to protect against phishing, malware, insider threats
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Bluebird Group, a digital-first transport company in Indonesia, deployed CylanceGUARD, BlackBerry's Managed Extended
Detection & Response (XDR) service. Bluebird has a complex vendor and partner ecosystem with thousands of endpoints,
including payment gateways, apps and APIs. They wanted to streamline customer experience, maintain data trust, and
protect modern and legacy infrastructure.
First successes were realised during implementation. BlackBerry Cylance AI immediately detected and remediated
cryptojacking malware before it could cause any damage. With BlackBerry XDR, Bluebird significantly improved its security
posture across the IT supply chain, proven by an independent review. Other benefits:
• Lightweight protection using minimal processing power
• No Internet connection required: users always protected, online and off (ensuring company-wide IT hygiene)
• Easy management: No signature updates reduce IT managers’ workload.
• Prevention first XDR minimized need/costs of recruiting specialist security skills
• New efficiencies, internal teams could focus resources on other projects, significant ROI:
  ◦ $1.8M Total benefit Bluebird expects to achieve over next three years.
  ◦ $1.1M Net Present Value (NPV) of the 3 year investment in this project
  ◦ 4.1 Months: payback period of investment in this project
  ◦ 191% return Bluebird expects from the investment as a percent of cost vs benefit
What security-related issues did your organization desire to address with this solution/service?
You can’t stop what you can’t see. Investigations that typically take days or weeks can be completed in just minutes.
VMware Carbon Black EDR collects and visualizes comprehensive information about endpoint events, giving security
professionals unparalleled visibility into their environments. It also allows threat hunting to scale across even the largest
of enterprises by combining custom and cloud-delivered threat intel through VMware Contexa, a full fidelity threat
intelligence cloud, as well as automated watchlists and integration.
Brief description of solution/service
VMware Carbon Black EDR provides advanced threat hunting and an IR solution delivering continuous visibility for top
SOCs and IR teams. It provides immediate access to a complete picture of an attack so teams can hunt for threats,
uncover suspicious behavior, and disrupt active attacks all within a single lightweight agent.
What technologies and/or innovations are applied/deployed in this solution/service?
Next-generation antivirus and behavioral EDR; Machine learning
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
VMware Carbon Black EDR is used by industries in Asia Pacific that range from manufacturing and media to healthcare
and retail.
Japanese company COLOPL, Inc. is focused on building smartphone gaming applications and its games are featured
among the top in popular app stores. COLOPL leveraged VMware Carbon Black EDR to deliver better visibility to its
security team so they could move faster to proactively protect their diverse endpoint environment. VMware Carbon Black
Cloud EDR allows COLOPL to dramatically reduce the time spent on investigations and more quickly understand attacker
behaviors. Another Japanese company YMIRLINK notes the powerful features of VMware integrating EPP and EDR to allow
security professionals to easily and quickly respond to the latest threats and incidents.
A study conducted by Forrester notes that VMware customers achieve a 379% ROI in three years when replacing legacy
endpoint protection platforms with VMware Carbon Black.
What security-related issues did your organization desire to address with this solution/service?
We have addressed a glaring gap in the cybersecurity market with this patented technological breakthrough. By
introducing an intelligent and self-learning layer of cybersecurity protection at the firmware level that functions as an
added hardware sensor, the X-PHY provides autonomous data protection on the SSD drive. With the X-PHY in the market,
we have moved beyond traditional mindsets towards cybersecurity efforts – which relied heavily on software-based
solutions, that often struggle to identify and act on unknown threats.
Brief description of solution/service
The X-PHY® Cybersecure SSD is the world’s first AI-embedded firmware-based cybersecurity solution. The integration of
the X-PHY at the core of each device grants enhanced security across the entire spectrum of IoT devices, from mobile and
PCs, to servers, and core enterprise data storage.
What technologies and/or innovations are applied/deployed in this solution/service?
With the application of AI and ML, the X-PHY detects anomalies in behavioural data access patterns and effectively shuts
down potential known and unknown incursions in real-time, without the need for human intervention. This means that
the X-PHY effectively fences off Zero Day exploitation, providing protection against a range of cyberthreats including
viruses, hardware attacks, malware, ransomware and power glitches.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
We have worked with both public and private sector organisations to deploy the X-PHY Cyber Secure SSD. We have
collaborated closely with government agencies in Singapore like the Cybersecurity Agency of Singapore and Enterprise
Singapore - amongst other government agencies, in which our conversations remain confidential.
What security-related issues did your organization desire to address with this solution/service?
Account Takeover presents a significant new threat to business and over US$12B has been lost to spear phishing and
account takeover. Barracuda finds 1 in 5 organizations had an account compromised in 2021, and conversation hijacking
grew almost 270% in the same year.
Hackers gain access to corporate email accounts through stolen credentials and use them to launch subsequent targeted
attacks. While traditional email filters only filter incoming email, Barracuda Impersonation Protection uses AI to detect
advanced social engineering threats that evade traditional email security systems to protect user’s business and data.
Brief description of solution/service
Barracuda Impersonation Protection offers AI-based email protection against advanced threats from spear phishing and
account takeover that traditional email gateways can’t. It combines a global threat intelligence database and artificial
intelligence to stop email threats that traditional email protection can’t.
What technologies and/or innovations are applied/deployed in this solution/service?
Barracuda Impersonation Protection leverages machine learning to detect signs of malicious intent from both account
takeover attempts and attacks launched from compromised accounts. It learns an organization's unique communication
patterns and can identify behavioral, content, and link-forwarding anomalies within the organization, and flag and
quarantine personalized fraudulent emails.
It integrates directly into Microsoft 365 and can automatically predict which employees are likely to be targeted, based on
their role and day-to-day access to sensitive information. It is also able to prevent attempts to compromise employee
credentials by automatically blocking targeted phishing emails that try to harvest employee passwords.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Email remains the most widely used communication tool by organizations across all industries, which makes it the
number one threat vector for all businesses.
As healthcare becomes one of the key targeted industries during COVID-19, Avalon Biomedical Management, a leading
healthcare solutions provider headquartered in Hong Kong, saw an increase in email-borne threats mainly spam,
spear-phishing, and business email compromise. Its IT Manager was alerted after receiving a call from finance asking him to
check a suspicious email from a supplier requesting money transfer into a different bank account. By running Barracuda
Email Threat Scanner, it detected over twenty complex phishing attacks that passed through the email gateway and there was a
high risk of fraud.
“Because a business email compromise typically is content based fraud, Barracuda Phishing and Impersonation
Protection outsmarts attackers through the harnessing of artificial intelligence to analyze and detect signs of malicious
intent and deception,” said Ryan Lee, Avalon’s Senior IT Manager.
After deploying Barracuda Phishing and Impersonation Protection, it gained comprehensive protection against
email-borne attacks with increased productivity and mitigated the risk of financial loss and reputational damage. With
customized and detailed reports, he gained visibility of vulnerable users and the methods used by attackers.
What security-related issues did your organization desire to address with this solution/service?
Many security providers have claimed the use of AI or ML to optimise or automate some aspects of their heuristics or
signature-generation processes. These tend to require a ‘sacrificial lamb’ – one company must get breached to provide a
solution, falling short of the full promise of AI. With cyberattacks on the rise, businesses can no longer apply an outdated
detection and response approach.
Prevention first stops threat actors at the door. BlackBerry’s Cylance AI offers Predictive Advantage (PA) that prevents
advanced threats. Its mature, unparalleled AI engine can determine a cyber threat before it’s run, and before it’s known.
Brief description of solution/service
BlackBerry Cylance AI set the standard among the first machine learning (ML) models for cybersecurity. Now in its seventh
generation, its AI model has trained on billions of diverse threat data sets over several years of real-world operation.
Proven performance: it detects and prevents harmful code in under 50 milliseconds.
What technologies and/or innovations are applied/deployed in this solution/service?
All products in BlackBerry Cylance's platform incorporate AI/ML. It powers all stages of the data lifecycle: ingesting,
processing, analysing data, through to correlating and amalgamating data in data lakes into contextual intelligence for
customers. Cylance AI provides superior malware prevention, effectively neutralising cyberthreats before they exploit
weaknesses and infiltrate systems.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Indonesian transport company Bluebird deployed CylanceGUARD, BlackBerry's Managed Extended Detection & Response
(XDR) service, including CylanceOPTICS and CylancePROTECT. Bluebird has a complex vendor/partner ecosystem and
thousands of endpoints. They wanted to streamline customer experience, maintain data trust, and protect modern and
legacy infrastructure.
Bluebird chose BlackBerry’s AI-enabled software and services for EPP, EDR and MDR; plus 24/7 access to skilled threat
experts, ensuring 'always on' hunting and analysis. CylanceGUARD has improved the security posture across Bluebird’s IT
supply chain, proven by an independent review:
• Cylance AI detected/remediated cryptojacking malware in first phase of rollout.
• Lightweight protection using minimal processing power
• No Internet connection required: users always protected, online and off (company-wide IT hygiene)
• Easy management: No signature updates reduce IT managers’ workload.
• Prevention first XDR minimized need/costs of recruiting security staff
• Driving efficiencies: internal teams could focus resources on other projects, significant ROI:
  o $1.8M: total benefit Bluebird expects to achieve over next three years
  o $1.1M: Net Present Value (NPV) of the 3 year investment in this project
  o 4.1 months: payback period of investment in this project
  o 191%: return Bluebird expects from the investment as a percent of cost vs benefit
What security-related issues did your organization desire to address with this solution/service?
Acronis Cyber Protect Cloud offers backup and recovery: fast and reliable recovery of applications, systems, and data on any device, from any incident. Acronis’ anti-malware software offers next-generation, full-stack protection against malware, plus AI-based ransomware and cryptomining detection. Lastly, Acronis Cyber Protect Cloud provides security and management, offering comprehensive, powerful endpoint management with an easy-to-use UI, saving IT resources.
Brief description of solution/service
Acronis Cyber Protect Cloud is the only solution that natively integrates cybersecurity, data protection and management to protect endpoints, systems and data. This synergy eliminates complexity, so service providers can protect customers better while keeping costs down.
What technologies and/or innovations are applied/deployed in this solution/service?
One of the first integrated data protection and cybersecurity solutions on the market that combines data backup, disaster recovery, and restoration with AI-powered anti-malware, cybersecurity and endpoint management features such as vulnerability assessment and patch management, URL filtering, drive health control, and forensics capabilities for a single comprehensive cyber protection tool.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Used by over 20,000 service providers to protect over 750,000 businesses.
What security-related issues did your organization desire to address with this solution/service?
Email fraud happens more commonly than people think and is among the costliest types of cyber attacks, costing organisations nearly $2 billion every year globally. A survey from Proofpoint found that 77% of organisations faced BEC (business email compromise) attacks in 2021, and they can be hard to detect. With email being the number one threat vector, traditional approaches are falling behind when it comes to growing volume and analysis to spot emerging threats, which is why automating email data can help organisations deal with new methods of carrying out email fraud.
Brief description of solution/service
Proofpoint’s Supernova Behavioural Engine focuses on stopping attempted business email compromise (BEC) scams. It can accurately uncover sophisticated email fraud attacks by analysing data to detect unusual email patterns. As the engine processes more data, it has evolved to be able to detect more types of phishing attacks.
What technologies and/or innovations are applied/deployed in this solution/service?
Artificial intelligence and machine learning contribute to the effectiveness of Proofpoint’s Supernova Behavioural Engine, where it constantly evolves through its content inspection and behavioural analysis to detect threats through a multi-layered approach. Proofpoint developed the Stateful Composite Scoring Service (SCSS) technology to improve automation, where a range of factors are constantly weighed to determine if messages are wanted or unwanted. Through machine learning, the engine can recognise patterns to detect new threats faster and adjust as attackers change their tactics, ultimately preventing a higher volume of BEC attacks when combined with human analysis for a holistic people-centric approach.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Introduced at Proofpoint’s Protect 2022 Conference, Proofpoint’s Supernova Behavioural Engine is a new product which builds on its existing email security solutions and its Advanced BEC (business email compromise) Defense model. Although it has yet to be implemented in the region, the engine has already delivered twice the improvement in BEC detection, stopping on average over 1.5 million BEC attack attempts globally per month since its launch in May 2022.
It can hence improve on the protection of customers like PerkinElmer Inc, which currently uses Proofpoint Email Protection, Proofpoint Targeted Attack Protection, and Proofpoint Email DLP.
PerkinElmer is an organisation helping scientists, clinicians and lab professionals accelerate science through innovative detection, imaging and informatics solutions. With the rise in threat actors evading its existing solutions to deliver email-based phishing attacks, spoofed emails, and malicious URLs to employees, PerkinElmer’s security team lost nearly tenfold the number of hours combating these threats, and saw the need for innovative detection and remediation capabilities to fight these email-based threats.
Proofpoint’s solutions granted PerkinElmer increased protection by deterring BEC attacks, reducing malicious materials getting through by more than 90%. More importantly, it afforded PerkinElmer greater flexibility to tailor cyber security defences throughout the company.
What security-related issues did your organization desire to address with this solution/service?
Ivanti Neurons offers comprehensive patch management and zero trust security solutions that can deploy and maintain the highest level of security across a company’s infrastructure, from cloud to edge, identifying and stopping threats before they can disrupt service. This hyper-automation platform empowers organizations to proactively and autonomously self-heal and self-secure devices, and self-service end users. It augments IT teams with automation bots that detect and resolve security vulnerabilities without impacting user productivity while improving the accuracy, speed and costs of IT services. With Zero Trust Authentication, every user, device, application and network is protected with continuous threat management, anywhere, anytime.
Brief description of solution/service
Ivanti Neurons continuously senses, discovers and remediates security threats before users know about them. It provides insights into the software landscape and application spend, enabling organizations to optimize asset performance throughout lifecycles. By enabling devices to self-heal and self-secure, and users to self-service, organizations can focus on productivity, not problems.
What technologies and/or innovations are applied/deployed in this solution/service?
AI, hyper-automation, real-time intelligence, data analytics
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Ivanti Neurons enables organizations to autonomously discover, manage, secure and service all assets in the Everywhere Workplace, including every endpoint and the IoT edge. The platform’s hyper-automation capabilities and self-healing capabilities allow it to detect and auto-remediate issues. Ivanti Neurons has been deployed by organizations across multiple sectors in Asia Pacific.
Customers of Ivanti Neurons experience over 50% reductions in support call times, eliminating duplicate work between IT operations and security teams, and reducing the number of vulnerable devices by up to 50%. Customers of Ivanti Neurons also reduce unplanned outages by up to 63%, reduce time to deploy security updates by 88%, and resolve up to 80% of endpoint issues before users report them.
With Ivanti Neurons, customers benefit from real-time intelligence into the health, security, and performance of all devices from cloud to edge, enabling them to proactively detect and remediate vulnerabilities before they impact the business.
Customers can discover and manage devices, implement secure zero trust access with contextual automation, and deliver personalized employee experiences – not only improving productivity, but increasing operational speed, reducing costs, and enhancing quality of service. Ivanti Neurons enables customers to collaborate and innovate more freely, while reducing the risk of data breaches.
What security-related issues did your organization desire to address with this solution/service?
The increasing interconnectivity of systems, the bigger volumes of data and the migration to the cloud complicate IT
infrastructure management and increase the possibility of a cybersecurity breach. Organizations are facing the challenge
to secure a high level of monitoring and control in a hybrid environment, including both on-premise data centers and
private and public clouds. However, traditional approaches to monitoring fail to solve this.
With Flowmon, customers have comprehensive visibility into their networks from a single user interface, without swivel
chair management and manual aggregation of data. It also removes the need and the cost to maintain multiple tools.
Brief description of solution/service
Flowmon is a network detection and response tool utilizing an AI-powered engine combined with a number of advanced
techniques to detect the footprints of an ongoing ransomware attack in its early stages. It helps to isolate the problem
and ensure the network’s security before the ransomware starts spreading across.
What technologies and/or innovations are applied/deployed in this solution/service?
Flowmon incorporates several threat detection capabilities (machine learning-driven network traffic monitoring, behavior
analytics, anomaly detection and deep analytics) into a single platform to establish a single view of potential attacker
activity. With AI-based detection, users can leverage a state-of-the-art detection engine that uses entropy modeling and
machine learning to detect cybersecurity breaches in the organization’s network traffic. In addition, Flowmon’s wire-speed
performance, ability to cover all types of networks (Cloud, SDN, on-premises, hybrid), encrypted traffic and near-unlimited
scalability set it apart from other solutions.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Flowmon has 1,500+ clients worldwide and is used across multiple industries. In the APAC region, it is used by
companies in the areas of construction & property, education, financial services, healthcare, hospitality, IT,
telecommunications, transportation, and others.
Sakura Information Systems offers a virtualization hosting service, based on “partitioning” a virtual machine for each
communication infrastructure. Because the respective user, not Sakura, is responsible for the network design, in the event
of an overload or an attack, Sakura would find themselves lacking relevant information on a per-user basis, which made it
impossible to resolve issues in the expected quality and timeframe. The issue was solved by introducing Flowmon
Collector with the ADS (Anomaly Detection System) optional extension. Among the deciding factors were Flowmon’s
license system based on disk capacity for storing flow data, not the number of monitored interfaces, as well as the
smooth deployment, which allowed Sakura to introduce Flowmon under normal daily operation.
“Flowmon was superior, including the ease of introduction, when considering the performance, desired functions, and
cost merits. There is no doubt that identification of the cause of issues has become easier than before.” - Inutake
Masahiro, ICT Service Team Leader
What security-related issues did your organization desire to address with this solution/service?
Visibility remains at the heart of cybersecurity because what you don’t know can hurt you. Digital transformation
initiatives and the shift to remote work have led to an explosion of new technologies, connecting everything from
containers to web apps to power grids (IT to OT). Against this backdrop, outdated tools and processes are being used to
solve today’s problems. As a result, organisations struggle at every step to see their IT, cloud and OT assets, detect
weaknesses, prioritise issues for remediation, measure risk, and compare to peers – preventing them from confidently
managing and reducing cyber risk.
Brief description of solution/service
Tenable’s Cyber Exposure Platform empowers organisations with the breadth of visibility into cyber risk across the
modern attack surface (IT, OT, AD, cloud, external assets) and the depth of analytics to communicate cyber risk in
business terms. Approximately 40,000 organisations rely on Tenable to understand and reduce cyber risk.
What technologies and/or innovations are applied/deployed in this solution/service?
As organisations struggle to address security issues in a timely manner, they need a focused list of vulnerabilities that are
most likely to be exploited by threat actors in the coming weeks. Our solutions contain data science, machine learning
algorithms and zero-day discoveries to monitor the activity around vulnerabilities and update prioritisation on a daily
basis. We are market leaders in CVE coverage, assessing over 70,000 vulnerabilities; leaders in zero-day research, with over
400 vulnerabilities disclosed since January of 2019; and in most cases our team provides coverage within 24 hours of
finding new vulnerabilities.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Our customer base includes approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000,
and large government agencies. We actively support organisations across key verticals such as government,
manufacturing, finance, retail, healthcare, transportation, technology, utilities, oil & gas.
Example:
As part of its growth plan to leverage new technologies and big data across various subsidiaries, SOMPO Holdings
recognised the need for a unified infrastructure driven out of a Shared Service Center (SSC) to centralise IT functions and
streamline the security needs organisation-wide. Rolling out IT services would have otherwise been performed in silos by
each subsidiary and function putting a strain on resources.
To secure its unified infrastructure, SOMPO Holdings deployed Tenable.io® Vulnerability Management to detect and
reduce vulnerabilities based on business risk, Tenable.ad™ to harden and monitor Active Directory (AD) in real-time and
Tenable® Lumin to visualize and track risk reduction over time.
What security-related issues did your organization desire to address with this solution/service?
Qualys VMDR 2.0 provides the insight security and IT teams need to focus on the vulnerabilities that genuinely reduce risk.
Qualys beta customers with the TruRisk capability enabled prioritized on average 28% fewer critical vulnerabilities across a
sample size of 2.6 million assets and 74 million detections. Simultaneously, they were able to reduce risk on average by
23% and in some cases as high as 50%.
Qualys VMDR with TruRisk offers risk-based vulnerability management for unprecedented insights into an organization’s
unique risk posture to prioritize its most critical vulnerabilities across hybrid environments.
Brief description of solution/service
Qualys Vulnerability Management, Detection and Response (VMDR) 2.0
What technologies and/or innovations are applied/deployed in this solution/service?
Qualys TruRisk comprehensively quantifies risk across the attack surface, including vulnerabilities, misconfigurations, and
digital certificates. Risk is assessed based on business criticality and exploit intelligence from hundreds of sources to
proactively measure, track, and communicate risk.
Rule-based integrations with ITSM tools (ServiceNow, JIRA) automatically assign remediation tickets to vulnerabilities
prioritized by risk with dynamic tagging. Remedial actions and orchestration directly from ITSM close vulnerabilities faster
and reduce MTTR.
As part of Qualys Cloud Platform, QFlow technology delivers drag and drop visual no-code workflows to automate a
variety of time-consuming and complex vulnerability management tasks.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Qualys has more than 19,000 businesses in 130 countries as customers:
● Forbes 50 Retail: 8 out of 10
● Forbes 50 Technology: 7 out of 10
● Forbes 50 Auto Manufacturing: 7 out of 10
● Forbes 50 Telecom: 7 out of 10
● Forbes 50 Healthcare: 5 out of 10
● 66 percent of the Forbes 50
● 46 percent of the Forbes Global 500
● 25 percent of the Forbes Global 2000
Qualys’s industry-leading vulnerability management platform covers more than two trillion security alerts and more than
six billion IP scans and audits per year. This scale helps with faster insight into potential threats.
Qualys provides a business advantage around tool consolidation and security team efficiency. Companies can reduce
their security tool line-up significantly without sacrificing visibility or security.
The Qualys Cloud Platform is designed to grow with customers as they require new functionality, vulnerability
management and security coverage. This means that customers can grow their use of Qualys over time as they need to, as
well as reducing cost by replacing standalone security services or tools. Qualys Vulnerability VMDR is a complete service
for managing issues and remediation across all assets in real-time.
What security-related issues did your organization desire to address with this solution/service?
InsightVM offers the following key features to discover and remediate risks in a modern IT environment — including local, remote, cloud, containerised, and virtual infrastructure:
Full network scans: gain clarity into the risks across all endpoints, cloud, and virtualised infrastructure to fully understand your modern environment.
Eliminate vulnerabilities: prioritise risks and align traditionally siloed teams to bring a shared view and common insight to security, IT, and DevOps for efficient remediation.
Track and communicate progress: take a proactive approach to security and view risk in a real-time dashboard. Track and measure key metrics and communicate progress on program goals.
Brief description of solution/service
InsightCloudSec is a fully-integrated, cloud-native security platform that combines market-leading functionality across cloud security posture management (CSPM), cloud workload protection (CWP), infrastructure as code (IaC) security, and cloud infrastructure entitlement management (CIEM) to surface and eliminate risks caused by misconfigurations, policy violations, vulnerabilities, and identity and access management (IAM) challenges.
InsightVM is a highly complete VM solution that supports the entire lifecycle of a VM program that customer security teams undertake, starting with initial asset discovery, to vulnerability scanning, to analysis/prioritisation, to remediation/mitigation, and reporting. It offers clarity into how vulnerabilities translate into business risk, including potential attacks.
What technologies and/or innovations are applied/deployed in this solution/service?
InsightVM’s unique ASM “Sonar Scan” capability enriches overall asset visibility, protecting customers’ exposure to external internet, a key attack entry point.
CVSS-based risk scores result in thousands of critical vulnerabilities. Our Real Risk Score provides a more actionable, 1-1000 scale based on the likeliness of an attacker exploiting the vulnerability in a real attack. Supported by threat feeds and business context, InsightVM lets customers prioritize vulnerabilities the way attackers would.
With an open RESTful API, organisations’ vulnerability data makes the other tools in their security stack (e.g., SIEM, firewalls, etc.) more effective to further reduce the security achievement gap.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Rapid7 customers across various industries, such as higher education, industrial services, healthcare, and social assistance, rely on InsightVM’s ability to detect risks across their entire infrastructure to support overall business goals.
University of Technology Sydney selected InsightVM for its superior reporting, user interface, and vulnerability detection to protect staff and students against growing cyber threats. InsightVM’s dashboard and asset criticality tags improve the efficiency of IT teams by ensuring a single-pane view of mission-critical systems and applications, and flagging outstanding critical patches. Rapid7 is fundamental in UTS’s transformation from a reactive security organisation to a proactive one.
SAI Global, a risk management, standards, and assurance firm, chose InsightVM to automatically assess and understand risk across its complex infrastructure, and reduce the vulnerability of highly sensitive and regulated data. With increased visibility, the company improved its IT resilience and accountability as siloed teams took responsibility for patching and remediation.
Wesley Mission Queensland, a not-for-profit community service provider for health and residential care, gained a new level of visibility with InsightVM to monitor and secure its frontline and remote workforce from cyber threats. With InsightVM, a relatively small team can now execute 24/7 monitoring of their environment and resolve problems efficiently.
What security-related issues did your organization desire to address with this solution/service?
- Attack surface management: Discover, normalize, and optimize data across all disparate security and networking technologies. Network modeling identifies exposure and compliance risk.
- IT/OT: Eliminate OT security blind spots, reduce risk, and maintain compliance with regulatory frameworks. Unlock complete visibility, analytics and automation across IT, OT, and hybrid cloud environments.
- Cloud adoption and migration: Analyze access to multiple cloud workloads in both public and private clouds. Reduce risk by validating access across hybrid environments.
- Security automation: Easily prioritize multiple remediation options. Automate simple tasks to fast-track SLAs. Develop an automated cross-functional ticketing process for effective policy updates.
Brief description of solution/service
to Security Posture Management to drastically reduce the likelihood of a breach. We identify where true exposure lies across IT, OT, and hybrid cloud environments, prioritize exploitable vulnerabilities, and identify remediation strategies – including mitigation options beyond patching.
What technologies and/or innovations are applied/deployed in this solution/service?
The most accurate exposure analysis: Identifying an exploitable vulnerability is only part of the equation. Unlike
others, we use network modeling to correlate vulnerabilities with a customer’s configurations and controls for path analysis.
Proprietary risk scoring: We calculate risk scores by factoring four critical variables, including CVSS severity, exploitability, asset importance, and exposure that is based on the security controls and configurations across the network.
Attack simulation: Our attack simulations attempt to exploit all vulnerabilities on all assets (even unscannable). Administrators can view simulation results including threat origin, network segment, business unit, or asset, to determine the best remediation approach.
What industries and/or organizations in asia pacific have you deployed this solution/service? Please provide an example of what has been achieved with this deployment?
Please check our new case studies on our website:
https://www.skyboxsecurity.com/#case-studies
Oil and gas: https://www.skyboxsecurity.com/resources/case-study/oil-gas-companies-accelerate-vulnerability-remediation/
Energy company: https://www.skyboxsecurity.com/resources/case-study/energy-company-vulnerability-control-case-study/
Service Provider: https://www.skyboxsecurity.com/resources/case-study/service-provider-reduces-firewall-management-costs/
What security-related issues did your organization desire to address with this solution/service?
Enterprises globally face a major challenge: the security blind spot created by the exponential growth of connected assets.
Today, it is not only IT that is a concern: robots in industries, MRI machines in hospitals, and point-of-sale terminals in
retail are all connected to the enterprise network and therefore exposed to cybercriminals. In addition, by 2025,
there will be 3 times more non-IT assets in enterprises - between internet of things (IoT), operational technologies (OT),
BYOD, 5G and cloud - than traditional IT devices, making it almost impossible to keep up with the pace of change.
Brief description of solution/service
Armis is the leading unified asset visibility and security platform designed to address the new threat landscape that
connected devices create. Armis provides passive and unparalleled cybersecurity asset management, risk management,
and automated enforcement, across all managed, unmanaged, and IoT devices, including medical devices, operational
technology, and industrial control systems.
What technologies and/or innovations are applied/deployed in this solution/service?
Armis has the most robust partner ecosystem, supercharging hundreds of existing IT and security investments with
real-time threat detection using the world’s largest device knowledgebase, tracking more than two billion devices and growing.
No other cybersecurity provider can secure OT, ICS, IT, IoT, IIoT, and IoMT.
What security-related issues did your organization desire to address with this solution/service?
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less OTP-
less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
Brief description of solution/service
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less OTP-
less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
What technologies and/or innovations are applied/deployed in this solution/service?
To address cyber security gaps effectively via game-changing disruptive innovations which mainstream and conventional
technologies fail to fulfill. For instance, detection-less sanitization, IP-address-less protection device, Password-less OTP-
less authentication, source-code-less Static Application Security Testing, human-less vulnerability assessment and
penetration testing.
What security-related issues did your organization desire to address with this solution/service?
The threat landscape is constantly changing with the introduction of new technologies and attack vectors. Some of the most preeminent threats in recent years are zero-day application exploits, credential stuffing/account abuse, DDoS and ransomware. Having the visibility into whether the vulnerabilities are being exploited and the ability to mitigate them quickly is crucial as we continue to see zero-day attacks happening with increasing frequency. Edgio aims to provide a holistic solution for protecting against all these application, botnet and DDoS attacks with a single pane of glass to ensure these protective measures complement each other and improve operational efficiency in cybersecurity.
Brief description of solution/service
Edgio is an edge-powered ecosystem where developers have direct access to scaled, multi-layered, enterprise-grade security solutions and integrated tools for creating, managing, and deploying sites and applications—at sub-second speed-to-market. With security in our DNA, Edgio provides the most complete and powerful edge-enabled security solution that’s built on our massive 250Tbps edge platform.
What technologies and/or innovations are applied/deployed in this solution/service?
The Edgio App Security solution takes a multilayered approach to infrastructure protection and web application security to shield businesses and reputation from the latest in application-layer attacks. Our DDoS protection shields businesses against attacks designed to overwhelm infrastructure, and our WAAP includes a unique dual WAF inspection mode that makes implementation easier and analyzes proposed rule changes against live traffic with no interruption to performance. As a fully PCI compliant solution, Edgio protects businesses against OWASP Top 10 security risks, remote code execution (RCE), SQL injection (SQLi), cross-site scripting (XSS), credential stuffing, scraping, DDoS attacks, and other security threats.
What security-related issues did your organization desire to address with this solution/service?
Cloud-based security-as-a-service provider that offers email security protection with a Managed Detection & Response (MDR) approach.
Brief description of solution/service
Cloud-based security-as-a-service provider that offers email security protection with a Managed Detection & Response (MDR) approach.
What technologies and/or innovations are applied/deployed in this solution/service?
Green Radar grMail is a cloud-based email security platform with aidar™ (artificial intelligence) capability, to discover any unprecedented email threats. The aim is to adaptive infrastructure that harnesses data to extract hidden threats and to defend your organization against bulk spam, viruses, malware, spoofing emails, phishing, CEO fraud and other email-borne threats.
What security-related issues did your organization desire to address with this solution/service?
More than ever, users are the weak link in an organisation’s network security. Employees are frequently exposed to
sophisticated social engineering attacks so they need to be trained by an expert like Kevin Mitnick. Many IT pros don’t
exactly know where to start when it comes to creating a security awareness program that will work for their organisation.
KnowBe4 has taken away all the guesswork with its Automated Security Awareness Program (ASAP), which allows
organisations to create a customised program that helps implement all the steps to create a complete security awareness
training program in just a few minutes.
Brief description of solution/service
KnowBe4 is the world’s largest integrated Security Awareness Training and Simulated Phishing platform with over 50,000+
customers. Based on Kevin Mitnick’s 30+ year unique first-hand hacking experience, you now have a platform to better
manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks.
What technologies and/or innovations are applied/deployed in this solution/service?
AI-driven optional training recommendations based on the performance metrics of the individual learners:
https://support.knowbe4.com/hc/en-us/articles/1500002656002#AIDA.
Automatic and AI-driven dynamic selection of phishing templates based on the skill level of each user:
https://support.knowbe4.com/hc/en-us/articles/1500003848062.
Virtual Risk Officer™ provides actionable data and metrics to help organisations better understand their security
strengths and weaknesses. VRO assigns dynamic Risk Scores to your users, groups, and organisation. You can use these
Risk Scores to make data-driven decisions for your organisation's security. https://support.knowbe4.com/hc/en-us/articles/360001358728.
What security-related issues did your organization desire to address with this solution/service?
Detect API threats and prevent attacks
API security risks and issues are not all discovered in source code alone. Monitor real-time traffic using AI and ML-based
detection to uncover data leakage, data tampering, data policy violations, suspicious behavior, and API security attacks.
Brief description of solution/service
Noname Security: The Complete API Security Platform
Proactively secure your environment from API security vulnerabilities, misconfigurations, and design flaws. Protect APIs
from attacks in real-time with automated detection and response.
What technologies and/or innovations are applied/deployed in this solution/service?
Noname API Security Platform provides Tonik with the means to validate the health of the APIs it uses. The neobank can
now have a complete, real-time inventory and monitor active APIs efficiently as well as discover and analyze legacy and
dormant APIs. The platform also enables the bank to actively test APIs before production so that it can identify potential
flaws in its software development lifecycle.
What security-related issues did your organization desire to address with this solution/service?
Although business productivity relies on uploading, sharing, and transferring information, accepting file uploads in web
applications and portals adds a significant security threat that many organizations are not effectively protecting against.
Organizations have also become more concerned with mitigating third-party risk in the wake of the SolarWinds
compromise, as well as with the significant rise in attacks against critical infrastructure organizations and the subsequent
emphasis on cybersecurity controls to protect these specialized environments and business critical sensitive information.
Brief description of solution/service
OPSWAT Application Security solutions protect organizations from cyberattacks and detect malicious payloads,
exploitable vulnerabilities, and hidden sensitive information in an easy-to-deploy, use, and monitor platform.
The solution is multi-platform integrated, with deployment available via API, ICAP, Containers, and more to support
different architectures that provide high availability, scalability, and throughput.
What technologies and/or innovations are applied/deployed in this solution/service?
OPSWAT Application Security solutions use multiple proprietary technologies for advanced-threat-detection and
prevention to provide a true zero-trust platform that protects organizations from malware and data breaches.
OPSWAT multiscanning technology provides detection rates close to 100% - by simultaneously scanning with the latest
anti-virus technologies using heuristics, NGAV, AI/ML, signatures, and more.
If there is malware hidden inside the content in the files being uploaded or transferred in a web application, a true
zero-trust standard requires prevention-based technologies in addition to detection. With Deep-CDR, organizations
receive safe-to-consume files that are processed within milliseconds without interrupting their workflow or impacting
file usability.
What security-related issues did your organization desire to address with this solution/service?
APT threats, lack of industry-focused threat intelligence, early detection of stealthy and sophisticated attacks, securing ICS
and IoT deployments from targeted attacks
Brief description of solution/service
Sectrio's IT-OT-IoT Security Solution is designed to detect and mitigate threats and vulnerabilities to IT, OT and IoT
deployments through early detection, contextual heuristics, adaptive threat intelligence and anomaly detection.
What technologies and/or innovations are applied/deployed in this solution/service?
This solution uses AI-based adaptive threat intelligence features that allow it to scale to meet the dynamics of the
threat environment that surrounds the networks secured by the solution. For instance, if a new malware loader is
introduced, the solution introduces programmed bots that swarm the vector while simultaneously creating twins of the
network and assets being protected to confuse and contain the vector.
What security-related issues did your organization desire to address with this solution/service?
The complexity of today’s cloud and hybrid environments makes it increasingly challenging for SOC teams to ingest security-related data at scale and take action against advanced threats. By combining UEBA, SIEM, XDR, and SOAR into a scalable cloud-native architecture, Securonix provides the industry’s first complete, end-to-end security operations fabric for threat detection and response in modern environments.
Core capabilities include:
• Cloud-native deployment – for quick ROI with minimal operational overhead and unlimited scalability
• Analytics-based approach to detect advanced threats
• Packaged content – providing out-of-the-box threat detection and response
Brief description of solution/service
Built on big data architecture, Securonix delivers SIEM, UEBA, XDR, SOAR, Security Data Lake, NTA and vertical-specific applications as a pure SaaS solution with unlimited scalability and no infrastructure cost. Securonix reduces noise and prioritizes high fidelity alerts with behavioral analytics technology that pioneered the UEBA category.
What technologies and/or innovations are applied/deployed in this solution/service?
• Native integration with 3000+ third-party technology solutions to simplify security operations
• Fastest time-to-value due to the SaaS delivery model and out-of-the-box high-quality content
• Scale from a 100-person startup to an S&P 100 global enterprise with fast security ROI and predictable cost
• Analytics-driven approach with content aligned to MITRE ATT&CK framework to detect unknown threats
• Open data platform with unlimited scalability and ability to share data (collect once, use many times)
• Flexible deployment models including ‘Bring Your Own AWS’ and ‘Bring Your Own Snowflake’ that align with customers’ cloud strategies and overall business needs
What security-related issues did your organization desire to address with this solution/service?
Due to the increase in digital banking transformation in APAC, security & risk managers require a real-time approach to
online fraud detection and response, with comprehensive use cases to adapt to fraud behaviors and tactics that change
day by day. Our solution provides a complete real-time data monitoring tool for different log sources and early alert
detection based on fraud risk playbooks which are customized by Viettel fraud analysts. Our solution is recognized as
the companies in Vietnam, and has protected 50 million user accounts from online fraud.
Brief description of solution/service
Viettel Financial Fraud Detection & Response is the pioneer solution to mitigate monetary fraud and increase end-user
satisfaction for banks and financial institutions. We bring a comprehensive approach to stopping fraudsters across
different use cases, including promotional campaigns, new user development, etc., to protect the organization's budget
and reputation.
What technologies and/or innovations are applied/deployed in this solution/service?
Our detection engine is based on different scenarios using conditions on objects' profiles or correlation conditions
between objects' behaviors, combined with built-in profiling and risk scoring technology. Our product is the one and
only that provides the ISP Indicator Early Detection feature, allowing near-real-time ISP data analysis in less than 2
minutes. VCS – F2DR is optimized to analyze 50,000 transactions per second and support up to 3 million users with only
2 – 3 basic servers, while the delay of real-time event analysis is less than 3 seconds.
What security-related issues did your organization desire to address with this solution/service?
Many organisations currently leverage consultant-driven exercises to understand if they are vulnerable to cyberattacks.
However, these point-in-time exercises no longer enable organisations to defend themselves from emerging
vulnerabilities. Now, vulnerabilities can be discovered and exploited within hours, giving organisations a small window to
react and protect themselves. By leveraging our technology, combined with our expertise, the watchTowr Platform arms
organisations with this information. The watchTowr Platform is constantly updated and enhanced by a team of experts,
who codify adversarial tactics and techniques into the watchTowr Platform, automatically and continuously analysing
attack surfaces at scale.
Brief description of solution/service
watchTowr provides organisations with a continuous, real-time view of their external attack surface - through the eyes of
a sophisticated attacker. Pairing world-class technology, with some of the world’s best offensive cyber security experts,
watchTowr empowers organisations to continuously identify vulnerabilities that would allow an attacker to compromise
an organisation.
What technologies and/or innovations are applied/deployed in this solution/service?
watchTowr's Adversary Sight technology gives organisations a comprehensive view of their external attack surface by
incorporating the same discovery tactics and techniques that real adversaries utilize. Its Continuous Assurance
technology mimics the persistence and aggression of real-world adversaries and continuously probes entire external
attack surfaces for high-impact vulnerabilities. It also provides real-time reporting and insights: on-demand
reporting outputs, aligned to cybersecurity regulatory guidelines and industry standards, are available via dashboard,
APIs, and in exportable formats. As a result, organisations are given true attack surface visibility, real-time
assurance, and an opportunity to act rapidly with a scalable approach and no blind spots.
What security-related issues did your organization desire to address with this solution/service?
As the inventor of the YubiKey, Yubico makes secure login easy and available for everyone. The company has been a leader
in setting global standards for secure access to computers, mobile devices, and more. Yubico is a creator and core
contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards. YubiKeys
are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across
hundreds of consumer and enterprise applications and services. Yubico is privately held, with a presence around the
globe.
Brief description of solution/service
As the inventor of the YubiKey, Yubico makes secure login easy with phishing-resistant MFA. Yubico is setting global
standards for secure access to computers, mobile devices, and more, and is a creator and core contributor to the FIDO2,
WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards.
What technologies and/or innovations are applied/deployed in this solution/service?
Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers,
mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2,
WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern,
hardware-based authentication security at scale. Yubico’s technology enables secure authentication, encryption, and code
signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160
countries.