Kaspersky Total Security offers comprehensive protection and real-time defence against all cyber threats. Customers get all-in-one protection against viruses, malware, ransomware, spy apps and all the latest tricks. It is a triple-layer protection system that works 24/7 to secure devices and data with proactive detection, real-time protection and instant neutralisation.
Ransomware is one of the most enduring threats faced by the cyberworld due to the clear monetisation model and the easy implementation of malware by cybercriminals. Common ransomware is widely spread via malicious spam campaigns and exploit kits just to name a few. To solve this, Kaspersky’s Total Security provides a comprehensive range of multilayered and next-generation threat protection in one product. This product monitors and guards both Windows and Mac users with proactive technologies such as Real-Time Antivirus, Trojan Remover and Instant Threat Detection.
Kaspersky provides complete defence against cyber threats for all internet-enabled devices, including Windows or macOS computers, laptops, and Android or iOS tablets and smartphones. Its triple-layer protection system works around the clock to safeguard consumers. This includes proactive detection (sandboxing, deep learning models, event correlation) which identifies device vulnerabilities and threats, while its network monitoring & anti-ransomware software prevent hackers from breaching networks and intercepting data. Real-time anti-virus protection guards against various threats, from worms and Trojans to complex ones like botnets, rootkits, and rogues. Lastly, advanced anti-malware software neutralises spyware, adware, keyloggers, spear phishing, and hard-to-detect fileless attacks.
The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government Agencies, Telecommunications, Industrial and Healthcare. This has resulted in effective detection of threats along with quick and intelligence-based responses which resulted in significant mitigation of financial losses. Threat intelligence services, such as Kaspersky, strengthen a company's defense and enhance visibility over the threat landscape by providing relevant and actionable insights.
Fortinet's Ransomware/Malware security solution is a comprehensive cybersecurity platform that employs advanced threat detection, prevention, and response mechanisms to safeguard networks and systems against ransomware and malware attacks. It offers real-time threat intelligence, behavior-based analysis, and proactive measures to neutralize threats, ensuring robust protection for businesses.
Fortinet's Ransomware/Malware security solution mitigates the rising threat of ransomware attacks that can disrupt operations and lead to data breaches. The solution seeks to protect against various malware strains targeting vulnerabilities in networks and systems. It also aims to defend sensitive data from unauthorized access and exfiltration. Fortinet's solution prioritizes real-time threat detection and prevention to proactively neutralize emerging cyber threats. By offering comprehensive protection, it helps organizations ensure business continuity, safeguard customer trust, and comply with industry regulations, enhancing overall cybersecurity posture.
Fortinet's innovation lies in its ability to combine cutting-edge technologies such as AI/ML and analytics, providing a robust cybersecurity platform capable of detecting, preventing, and responding to ransomware and malware attacks effectively.
Fortinet's Ransomware/Malware security solution is extensively deployed across the Asia-Pacific (APAC) region, benefiting a diverse range of organizations. It caters to large enterprises, safeguarding their critical infrastructure and sensitive data from cyber threats. Additionally, government agencies rely on Fortinet to protect their digital assets and maintain essential services. Educational institutions utilize the solution to ensure the safety of students' and faculty's personal information. Service providers integrate Fortinet's security solution into their offerings to enhance protection for their customers. The scalability and cost-effectiveness of Fortinet's solutions make them a preferred choice for small and medium-sized enterprises (SMEs) as well. Healthcare providers trust Fortinet to secure patient data and comply with regulations while safeguarding critical medical equipment. The widespread adoption of Fortinet's security solution across various sectors in the APAC region demonstrates its effectiveness in combating ransomware and malware threats tailored to meet the specific requirements of different organizations.
Proofpoint Advanced Email Security is a solution that helps organisations prevent, detect, and respond to today’s most advanced attacks. It utilises a multilayered approach, including email analysis and classification, targeted attack protection, preventing spoofed emails, controlling data loss, email threat response, and maintaining mail during a server outage.
Email is a fundamental tool of modern business communication and the No. 1 threat vector. There are many types of email attacks, including phishing, business email compromise, supply chain attacks, ransomware, and cloud account compromise — all of which are constantly evolving, so organisations struggle with addressing the speed, volume, and complexity of today’s cyber threats. Proofpoint’s Advanced Email Security solution employs an inline and API approach to ensure full protection of inbound and outbound messages. Its integrated, layered approach reduces risk of successful attacks by accurately detecting threats faster, providing actionable insights for organisations to better understand the risks their users face.
This solution uses reputation, URL rewriting, and predictive and click-time sandboxing to detect payload threats, such as through attachments and URLs. It uses built-in detection for evasion tactics like CAPTCHA, password protection, render-heavy sites, redirectors and file-sharing sites. Artificial intelligence (AI) and machine learning (ML) models from Nexus Threat Graph are used for payloadless attacks. They score signals like supplier risk, user signals from collaboration suites, content natural language processing, receiver relationships and intent, for Proofpoint to detect malicious emails. Analysing email with multilayered content analysis, reputation analysis and sandboxing stops advanced threats like polymorphic malware and ransomware before they hit users.
Bechtle AG, a leading European IT company with 11,000 employees and operations in APAC, aimed to establish a modern, scalable, and secure email platform as an industry standard. Their existing customised open-source email system became difficult to manage as the company expanded to new locations, and their anti-spam tools struggled with the growing user base and email volume. After evaluating options, Bechtle chose Proofpoint Email Protection and Proofpoint Targeted Attack Protection (TAP). The high flexibility of Email Protection impressed them, offering customisable policy management at various levels and empowering employees with self-service email configurations, reducing IT overhead. TAP effectively detected and blocked advanced threats, including malicious attachments, URLs, zero-day threats, polymorphic malware, weaponised documents, and phishing attacks. To counter evasive email threats, Bechtle implemented Proofpoint Threat Response Auto-Pull (TRAP), automatically removing harmful emails from users' inboxes and deleting forwarded copies to colleagues. With the new email security solution in place, Bechtle successfully blocked millions of unwanted messages monthly, accounting for about 70% of total inbound email traffic, including 40% of targeted threats with attachments and 60% with URLs.
KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 60,000 customers. KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security.
Human error, though mostly unintentional, is one of the main causes of cybersecurity incidents. More than ever, users are the weak link in an organization’s network security. Employees are frequently exposed to sophisticated social engineering attacks so they need to be trained by an expert. Many IT pros do not exactly know where to start when it comes to creating a security program that will work for their organization. KnowBe4 has taken away all the guesswork with its Automated Security Awareness Program (ASAP), which allows organizations to create a customized security awareness program in just a few minutes.
AI-driven optional training recommendations based on performance metrics of individual learners. Automatic and AI-driven dynamic selection of phishing templates based on skill levels of each user. Virtual Risk Officer™ provides actionable data and metrics to help organizations better understand their security strengths and weaknesses. VRO assigns dynamic Risk Scores to your users, groups, and organization. You can use these Risk Scores to make data-driven decisions for your organization's security. SecurityCoach offers real-time security coaching aimed at reducing risky behavior. It correlates, identifies and responds to the risky security behavior of an organization’s users being generated within their existing security infrastructure.
The industries represented are: financial services, technology, manufacturing, insurance, healthcare and pharmaceuticals. In the KnowBe4 2023 Phishing by Industry Benchmarking report, customers in Asia Pacific were able to reduce their Phish-prone™ percentage from 30% to 14.9% after just 90 days and from 30% to 6.5% after a year or more of KnowBe4 training and simulated phishing tests. This demonstrates the efficacy of security awareness training and improved security culture. Reviews from over 135 customers in APAC reported the main drivers for adoption of the KnowBe4 platform were to improve compliance and risk management, drive innovation and provide a security solution that delivered results across the whole business. “KnowBe4 has allowed our organisation to test our staff on security and privacy issues to see how they deal with various examples within day to day operations. Using this data, we have been able to provide training to ensure they make the right decisions in the future. Our aim is to ensure every staff member can identify and deal with directly and correctly any threats that get past external security solutions like security gateways and filters.”
Nexusguard’s Managed DDoS Mitigation Service integrates innovative and proprietary technologies, security and service expertise as well as processes honed over fourteen years in the cybersecurity industry. With Nexusguard, CSPs can offer DDoS protection solutions as a service, move up the cybersecurity value chain and gain access to additional sales pipelines.
Nexusguard’s AI-driven Smart Mode solution leverages big data analytics, implementing Machine Learning technology to track changes against traffic baselines autonomously and detect unusual patterns that might indicate the presence of a potential threat. Compared to traditional threshold-based detection methods, Nexusguard’s Smart Mode is capable of identifying malicious attack patterns from high volumes of traffic data with improved precision, making it an ideal solution for protecting CSP networks and infrastructures against the threat of advanced attacks such as Bit-and-Piece attacks, Black Storm attacks and potential Zero-day attacks.
Automated, Intelligent Detection & Mitigation: Upon detecting malicious attempts, Nexusguard’s mitigation platform generates alarms and initiates the process according to a filter-based security profile built and fine-tuned using deep learning technologies to detect threats. Malicious attempts are headed off before reaching customer networks or applications.
Granular Visibility & Control: Designed for multi-tenant environments, Nexusguard Portal is a premier traffic visibility, management and reporting system built to meet the diverse needs of modern networks. Nexusguard Portal combines network visibility, powerful tools and educational resources to create a cost-effective, “single-pane-of-glass” platform for managing DDoS detection and mitigation policies and obtaining actionable intelligence.
Through Nexusguard’s comprehensive DDoS protection solution with 99% uptime guarantee, Malaysia’s PPT Telecommunications (PPTEL) was able to help fully secure Sarawak government agency networks as well as networks of public organizations. The deployment of our versatile MX7000 delivered fully scalable and highly customizable protection against evolving DDoS attacks, well exceeding Sarawak’s strict compliance requirements, transforming PPTEL into a managed security service provider (MSSP) with the capability of protecting its customers against all forms of cyber threats.
Edgio’s software-defined, always-on DDoS protection is able to protect all networks and applications. The combination of Edgio’s Layer 3-7 DDoS protection via its 250 Tbps bandwidth capacity provides businesses with full-spectrum protection to ensure maximum resiliency and uptime of their network and applications.
1. Detect and filter out bad traffic within seconds.
2. Defend against a broad range of DDoS attacks, from volumetric attacks to state exhaustion, across OSI layers 3 and 4 (layer 7 attacks are covered by our holistic WAAP).
3. Leverage our existing network architecture combined with software-defined detection and mitigation policies.
4. Deployable via a cloud-based, single pane of glass control panel (with management APIs available).
5. Efficiently update rules and enforce policies globally across all of our PoPs in near real-time, in addition to rules automatically created on the fly in response to attacks.
Edgio developed Stonefish, a powerful DDoS detection and mitigation platform that safeguards customer web applications from layer 3/4 attacks. As the first line of defense in our comprehensive security solution, Stonefish operates continuously, analyzing millions of packets per second and assigning threat scores. It autonomously takes action when necessary and is constantly monitored by the Support Team, enabling real-time analysis and mitigation. Edgio's DDoS security stack combines open-source and custom software across all Points of Presence (POPs), delivering a highly scalable and automated platform that enhances frontline support for DDoS mitigation.
Edgio prevented a large DDoS attack measuring ~176 million packets per second (Mpps) which targeted a multinational e-commerce client based in Asia. The attack lasted about 30 minutes and originated from the EU; our Anycast network quickly spread the load and mitigated the attack within the EU region despite the customer’s infrastructure being located in Asia.
Imperva is a leading cybersecurity company that specializes in protecting business-critical data and applications. We offer a range of products and services including web application firewalls, database security, and DDoS protection. Imperva helps organizations defend against cyberthreats, secure their software assets, and ensure regulatory compliance.
Imperva aims to protect web applications from attacks like SQL injection and cross-site scripting (XSS), safeguard databases against unauthorized access and data breaches, mitigate DDoS attacks to maintain uninterrupted service availability, and ensure compliance with various regulatory requirements such as GDPR and PCI DSS. Imperva's solutions aim to provide organizations with robust cybersecurity measures to detect, prevent, and respond to evolving threats, safeguard sensitive data, and maintain the integrity and availability of their critical applications.
Imperva's Web Application Firewall (WAF) protects against web-based attacks like SQL injection and XSS, while Database Activity Monitoring (DAM) ensures real-time database security. DDoS protection combats large-scale attacks, and data security features like encryption and tokenization safeguard sensitive information. Behavioral analytics detects unusual user behavior and potential insider threats. Imperva's comprehensive approach also addresses regulatory compliance requirements such as GDPR and PCI DSS. Through these cutting-edge tools, organizations benefit from proactive defense measures against evolving cyberthreats.
Imperva has deployed its cybersecurity solutions and services across various industries and organizations in the Asia Pacific region. These deployments span financial services, healthcare, e-commerce, government, technology, and more. For instance, a leading financial institution in Singapore utilized Imperva's Web Application Firewall (WAF) and Database Activity Monitoring (DAM) to enhance their security posture. The WAF protected their online banking and transactional portals, ensuring that customer data and financial transactions were safeguarded from potential threats like SQL injection attacks. The DAM provided real-time monitoring of their critical databases, detecting and preventing unauthorized access attempts, thus protecting sensitive customer information and ensuring compliance with industry regulations. This successful deployment significantly improved the organization's overall security resilience, reducing the risk of data breaches and enhancing customer trust. By partnering with Imperva and leveraging their advanced technologies, businesses in the Asia Pacific have bolstered their cybersecurity defenses, maintaining the confidentiality, integrity, and availability of their critical assets in the face of evolving cyber threats.
Barracuda Cloud-to-Cloud Backup is a cloud-first solution that provides comprehensive, cost-effective, scalable backup and recovery for Microsoft 365 data with unlimited storage and retention. It offers granular protection with point-in-time retrieval and customizable or on-demand backup. Users can go from signup to running the first backup in only 5 minutes.
Barracuda Cloud-to-Cloud Backup is a secure, easy-to-use SaaS backup for Microsoft 365 data. With ransomware being a prominent threat to organizations that can cause widespread and costly damages, a good backup with quick recovery is critical after a ransomware attack or accidental deletion to avoid business disruption. It is the last line of defense from paying a ransom or suffering the loss of criminally encrypted data – Barracuda research shows that 52% of ransomware victims restored encrypted data through backups in 2022. Microsoft recommends that users back up data using a third-party backup solution to secure their data.
Barracuda Cloud-to-Cloud Backup is a cloud-native solution that lives entirely in the cloud, so no maintenance is required. Compared to traditional backup solutions, it ensures fast performance and instant scalability as Microsoft 365 data is already in the cloud. It offers unlimited storage and retention, and flexible recovery. The simple management makes it easy to monitor backups and allows easy sign up and set up to run first backups in 5 minutes. Users can integrate it with Barracuda’s Data Inspector to secure customers' environments against improperly-stored sensitive data and latent malware.
Barracuda has successfully deployed its solution/services across diverse industries and organizations in the Asia Pacific region. One of its customers, MSS Security, a leading Australian provider of security and emergency response services, decided to switch to a cloud environment due to the escalating maintenance cost and limited scalability of on-premises servers, and transformed its data management by deploying Barracuda backup solutions. By deploying Barracuda Cloud-to-Cloud Backup, the company achieved scalable and cost-effective backups with unlimited data storage and retention. No maintenance is required as software or firmware updates take place automatically in the cloud, thus freeing the company’s IT resources for other projects. It also gained enhanced data visibility and retrieval with the easy-to-use dashboard that allows 100% visibility into backup status. More importantly, the deployment of Barracuda Cloud-to-Cloud Backup and Barracuda Backup means MSS Security’s data is backed up, replicated, and stored in multiple locations — all in Australia. If data is corrupted or unavailable from the primary storage location due to a natural disaster or a ransomware attack, MSS Security can access the same data from alternative locations in minutes, thus maintaining business continuity.
Proofpoint Insider Threat Management (ITM) is a SaaS solution that takes a people-centric approach to protect sensitive data from insider threats and data loss at the endpoint. By combining context across content, behaviour and threats, it provides deep visibility into user activities, helping security teams detect and prevent insider-led data breaches.
Insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. This is exactly why Proofpoint’s ITM was created: to protect against data loss and brand damage involving insiders either acting maliciously, negligently, or unknowingly. With ITM, Proofpoint empowers security teams to reduce insider threat risk and frequency, accelerate insider threat response and increase efficiency of their security operations.
Proofpoint ITM is built on the microservices-driven Proofpoint Information and Cloud Security platform. It gathers telemetry from endpoints, email and cloud, while webhooks into the platform make it easy for SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) tools to ingest ITM alerts, so incidents can be identified and triaged faster. It monitors risky users by building watchlists based on criteria like a user’s role and data they interact with. It also considers their vulnerability to phishing and other social engineering factors, taking into account changes in employment status, other human resources and legal factors.
Your World Recruitment is a global staffing organisation that provides high-calibre careers to experienced professionals worldwide and in Singapore. It faced challenges in the recruitment industry due to high turnover and the risk of unauthorised data movement. To address these concerns, they sought a solution to empower their small IT team in detecting and responding to data breaches and risky activities effectively. They chose Proofpoint's ITM for its user-friendly nature, enabling easy implementation without extensive security training or a large team. The platform efficiently identified threats based on severity, reducing the need for excessive fine-tuning and hands-on alert management. The recruitment industry's vulnerability to insider threats and data exfiltration due to vast amounts of sensitive candidate and employment data was a concern. Your World Recruitment's five-person IT department struggled to actively monitor insider threats amid various tasks. Proofpoint's assistance was invaluable in identifying and preventing potential insider threats, such as users attempting fraud through falsified expenses, impersonating candidates to steal money, and sharing credentials leading to data leaks. Utilising Proofpoint significantly bolstered their security measures and mitigated insider threat risks.
Commvault’s industry-leading platform redefines the next generation of data protection with proactive data defense, advanced ransomware protection, and a single view across all organizational data. With Metallic ThreatWise, we leverage cyber deception technology to deliver unprecedented early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data and business services. No other vendor in this space provides this.
Commvault enables enterprises to protect their data before it is compromised – with expansive capabilities that can anticipate, see, and react to threats, before it's time to recover. From data breaches, unauthorized access, and data loss to disaster recovery and data governance, our comprehensive backup, recovery, and archiving capabilities help organizations protect sensitive data from external threats and internal mishaps. Leveraging patented cyber deception technology, we also deliver advanced detection measures to intelligently safeguard data by identifying stealthy cyber threats in production. With advanced automation built-in, ThreatWise™ seamlessly enriches data protection strategies, connects IT and Security teams, and reduces cognitive load for admins and users.
Commvault incorporates several technologies and innovations in its data protection platform. It leverages artificial intelligence (AI) and machine learning (ML) to enable intelligent data management, automate processes, and improve decision-making. Our solution employs advanced encryption techniques to secure data at rest and in transit while it also integrates with network analytics tools to enhance visibility and monitor data flows. Additionally, it supports multi-cloud environments, allowing seamless data management across multiple cloud and on-premise platforms. The solution's architecture promotes scalability and flexibility, enabling organizations to adapt to evolving IT landscapes. Through these technological advancements, Commvault delivers a comprehensive and cutting-edge data protection platform.
Commvault's data protection platform has been deployed in various industries and organizations across the Asia Pacific region.
• In the healthcare sector, Commvault has been instrumental in safeguarding patient data, ensuring compliance with data privacy regulations, and optimizing data management processes for hospitals and healthcare organizations.
• Financial services institutions, including banks and insurance companies, have implemented Commvault's solutions to protect sensitive financial data, facilitate disaster recovery, and adhere to evolving regulatory requirements, thereby ensuring the integrity and availability of critical financial information.
• Government agencies and public sector organizations have benefited from Commvault's solutions by enhancing data protection, enabling compliance with regulations, and optimizing backup and recovery processes.
• Educational institutions have utilized Commvault's solutions to effectively manage and protect large volumes of data, including student records, research data, and administrative information, leading to improved data availability, simplified backup processes, and support for data-driven decision-making in the education sector.
Overall, Commvault's deployments in the Asia Pacific region have consistently yielded enhanced data security, streamlined data management, improved regulatory posture, and reliable backup and recovery capabilities. These achievements have resulted in increased operational efficiency, reduced data loss risks, and maximized utilization of data assets for informed decision-making for organizations to stay ahead in the digital era.
The CipherTrust Data Security Platform integrates data discovery, classification, data protection and unprecedented granular access controls, all with centralized key management. This solution removes data security complexity, accelerates time to compliance, and secures cloud migration, which results in less resources dedicated to data security operations, ubiquitous compliance controls, and significantly reduced risk across your business.
Supporting global security and privacy regulations including GDPS, HIPAA, FIPS 140-2, MAS and many more, the CipherTrust Data Security Platform simplifies data security administration with a ‘single pane of glass’ centralized management console that equips organizations with powerful tools to discover and classify sensitive data, combat external threats, guard against insider abuse, and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. It offers advanced encryption and centralized key management solutions that enable organizations to safely store sensitive data in the cloud using BYOE and BYOK.
CDSP centralizes key management for both native and third-party encryption security selected by organizations, regardless of on-premise infrastructure and/or different cloud service providers. Utilizing industry standards like KMIP, BYOK and HYOK, CDSP manages key life cycles from key generation, key in use, suspension and deletion to comply with stringent audit policy. CDSP has tight integration with large SaaS providers to enhance the ownership of data when using SaaS.
FSI, enterprises and Government sectors across APAC who need to migrate from on-premise to hybrid/multi-cloud in order to take advantage of the agility and speed to market when they digitized their business and operations or take full advantage of the scalability of the public and still maintain of their sensitive data. An example of this technology being adopted: a highly regulated global energy company with operations in multiple countries needed to protect high-value data across multiple platforms. The organization was concurrently migrating most of its data centers to the cloud. The company had hundreds of Microsoft Azure subscriptions, and each used several key vaults, increasing the complexity for managing keys. The customer wanted a vendor-agnostic solution able to centrally manage and store keys on premises for multi-cloud deployments leveraging the bring your own key (BYOK) model (https://cpl.thalesgroup.com/resources/encryption/high-value-data-security-case-study). Other notable case studies: https://cpl.thalesgroup.com/resources/encryption/simplify-data-protection-case-study
Rubrik's Zero Trust Data Security solution aims to address various critical security-related issues. These include the growing threat of data breaches and cyberattacks that exploit traditional perimeter-based security models.
By adopting a Zero Trust approach, Rubrik intends to counter unauthorized access attempts, data theft, and insider threats, ensuring data remains protected at all times, irrespective of its location. The solution focuses on bolstering data privacy and integrity, enabling organizations to maintain compliance with regulatory requirements. It also aims to safeguard against ransomware attacks, implementing encryption and continuous monitoring to thwart potential threats and minimize the impact of security incidents.
Rubrik's Zero Trust Data Security solution leverages a range of cutting-edge technologies and innovations to enhance data protection. It applies advanced encryption algorithms to secure data both at rest and in transit. Network analytics and AI-driven behavioral analysis are employed to monitor user and device behavior, detecting anomalous activities and potential threats. Machine learning algorithms continuously improve the system's ability to identify and prevent security breaches. Additionally, access controls, multi-factor authentication, and identity management technologies ensure only authorized users gain entry to sensitive data.
Rubrik deploys its Zero Trust Data Security solution across diverse industries in the Asia Pacific region, including finance, healthcare, government, manufacturing, technology, and education. This solution's advanced capabilities, such as encryption, access controls, and behavioral analysis, were aimed at safeguarding sensitive data for multinational corporations, medium-sized enterprises, and public institutions in countries like Singapore, Australia, Japan, India, South Korea, and China.
Acronis is a global technology company that provides disaster recovery and data protection solutions. The company's products and services are used by businesses of all sizes, as well as individuals and government agencies. Our data backup and protection solutions have led to us being named a Gartner Magic Quadrant Leader for Data Center Backup and Recovery Software for five consecutive years.
Acronis focuses on providing comprehensive cyber protection, encompassing data backup, disaster recovery, endpoint protection, and secure file sync and share. By integrating these functionalities, Acronis seeks to protect businesses and organizations from data loss, ransomware attacks, and other cyber threats. Our solutions aim to ensure data integrity, accessibility, and security, reducing the risks associated with data breaches and enhancing overall cybersecurity resilience for businesses of all sizes across various industries.
Acronis utilizes a combination of cutting-edge technologies and innovations to deliver its comprehensive cyber protection solutions. These include AI and machine learning for proactive threat detection and behavior analysis, ensuring real-time defense against ransomware and other cyber threats. Blockchain technology is integrated to provide data immutability and secure data storage, enhancing data integrity and preventing unauthorized access. Additionally, Acronis leverages network analytics to identify potential vulnerabilities and protect against data breaches. By deploying these advanced technologies, Acronis aims to offer robust cybersecurity measures, data backup, and recovery capabilities to safeguard critical information and ensure business continuity for its clients.
Acronis deploys its cyber protection solutions across various industries and organizations in the Asia Pacific region. These industries include financial services, healthcare, government, retail, and manufacturing. Acronis offers comprehensive data backup, disaster recovery, endpoint protection, and secure file sync and share services, powered by innovative technologies such as AI, machine learning, and blockchain. These technologies enable proactive threat detection, behavior analysis, data immutability, and network analytics, ensuring real-time defense against cyber threats and enhancing data integrity. By providing robust cybersecurity measures, Acronis helps businesses protect sensitive information, ensure compliance, and maintain continuity in the face of evolving cyber risks.
Flexxon is a Singapore-based company that specializes in hardware-based cybersecurity solutions and industrial NAND flash storage devices. Its XDR solutions are part of its cybersecurity portfolio, which aims to provide real-time data protection at the storage level.
Flexxon's data security solutions address threats such as ransomware, phishing, poor password practice, internal data theft, forgotten software patches, and lost or stolen devices. The company's solutions help to protect data and systems from the inside out – preventing unauthorized access, encrypting data, filtering out malicious emails, enforcing strong password policies, tracking user activity, monitoring for suspicious behavior, automatically applying software patches, and remotely wiping data from devices. In addition to these specific security issues, Flexxon is constantly innovating to develop the most advanced cybersecurity solutions that can help to protect data and systems from the latest threats.
Flexxon's solutions utilize a variety of technologies and innovations to identify and prevent security threats, learn from past security incidents, store data securely, and track malicious traffic.
• X-PHY Cyber Secure SSD is the world's first AI-powered cybersecurity solution that embeds AI at the firmware level of the solid state drive (SSD). This enables the SSD to detect and defend against ransomware, malware, data theft and tampering, without relying on external software or hardware.
• WORM SD and microSD Memory Cards ensure data integrity and immutability. Once files are written to a WORM card, they cannot be deleted, modified, or overwritten. This makes them ideal for storing sensitive data that requires tamper-proof and unalterable storage.
• Flexxon X-PHY AI autonomous cybersecurity solution safeguards all sales data and customer information from malware attacks. The Flexxon AI solution is integrated into the POS device that consists of a real-time data sensor. As soon as it receives any payment data, it starts to identify threats or anomalies.
Flexxon's solutions and services have been deployed in a variety of industries and organizations in Asia Pacific, including financial services, healthcare, manufacturing, and government. Some of the organizations that have deployed Flexxon's solutions include DBS Bank, SingHealth, STMicroelectronics, and the Singapore Police Force. Flexxon's solutions have helped these organizations to protect their data and systems from a variety of security threats, including ransomware, phishing, and data breaches.
Fortanix specializes in confidential computing solutions, focusing on securing data in use. Our SDKMS platform utilizes hardware-based security technologies like Intel SGX and TrustZone for secure data processing, to address data privacy concerns and help organizations comply with regulations while mitigating risks in cloud computing and collaborations.
Fortanix’s primary focus is on securing data in use, which is a vulnerable phase in data processing. By leveraging hardware-based security technologies like Intel SGX and TrustZone, Fortanix enables secure and confidential data processing, mitigating risks associated with data privacy, data breaches, and insider threats. Our "Self-Defending Key Management Service" (SDKMS) helps protect sensitive data even while it is being used by applications, ensuring compliance with data protection regulations and safeguarding against potential threats in cloud computing and multi-party collaborations.
Fortanix SDKMS utilizes hardware-based security technologies such as Intel Software Guard Extensions (SGX) and TrustZone. These technologies create secure enclaves for data processing, preventing unauthorized access to sensitive information during use. While specific details on additional technologies are limited, Fortanix's approach likely involves advanced cryptographic techniques, secure multi-party computation, and potentially elements of AI/ML for threat detection and anomaly analysis. Their focus on confidential computing ensures data privacy, mitigates insider threats, and protects against data breaches in cloud environments and collaborative settings.
Amidst a significant transformation in Asia Pacific's data privacy landscape, Fortanix's solution is well-equipped to tackle security concerns related to data protection and privacy, making it relevant and beneficial for diverse industries. For example, most organizations in the commercial aviation sector have experienced a digital and connected aircraft revolution with onboard systems for enhanced efficiency and maintenance. Fortanix's offerings extend to financial organizations, empowering them to tailor data controls to specific business use-cases and security requirements. In the healthcare domain, Fortanix's solution ensures seamless data protection across multiple processors in diverse cloud environments and locations, safeguarding against unauthorized disclosures. Emphasizing the importance of safeguarding data itself, Fortanix's approach aligns with the demands of today's data-driven world, providing organizations with a robust and effective method of data security.
Imperva is a leading cybersecurity company that specializes in protecting business-critical data and applications. We offer a range of products and services including web application firewalls, database security, and DDoS protection. Imperva helps organizations defend against cyberthreats, secure their software assets, and ensure regulatory compliance.
Imperva aims to protect web applications from attacks like SQL injection and cross-site scripting (XSS), safeguard databases against unauthorized access and data breaches, mitigate DDoS attacks to maintain uninterrupted service availability, and ensure compliance with various regulatory requirements such as GDPR and PCI DSS. Imperva's solutions aim to provide organizations with robust cybersecurity measures to detect, prevent, and respond to evolving threats, safeguard sensitive data, and maintain the integrity and availability of their critical applications.
Imperva's Web Application Firewall (WAF) protects against web-based attacks like SQL injection and XSS, while Database Activity Monitoring (DAM) ensures real-time database security. DDoS protection combats large-scale attacks, and data security features like encryption and tokenization safeguard sensitive information. Behavioral analytics detects unusual user behavior and potential insider threats. Imperva's comprehensive approach also addresses regulatory compliance requirements such as GDPR and PCI DSS. Through these cutting-edge tools, organizations benefit from proactive defense measures against evolving cyberthreats.
Imperva has deployed its cybersecurity solutions and services across various industries and organizations in the Asia Pacific region. These deployments span financial services, healthcare, e-commerce, government, technology, and more. For instance, a leading financial institution in Singapore utilized Imperva's Web Application Firewall (WAF) and Database Activity Monitoring (DAM) to enhance their security posture. The WAF protected their online banking and transactional portals, ensuring that customer data and financial transactions were safeguarded from potential threats like SQL injection attacks. The DAM provided real-time monitoring of their critical databases, detecting and preventing unauthorized access attempts, thus protecting sensitive customer information and ensuring compliance with industry regulations. This successful deployment significantly improved the organization's overall security resilience, reducing the risk of data breaches and enhancing customer trust. By partnering with Imperva and leveraging their advanced technologies, businesses in the Asia Pacific have bolstered their cybersecurity defenses, maintaining the confidentiality, integrity, and availability of their critical assets in the face of evolving cyber threats.
Veeam Software is a leading provider of backup, disaster recovery, and intelligent data management solutions for virtual, physical and multi-cloud environments. Their mission is to provide simple, flexible, and reliable backup and recovery solutions to help organizations protect and manage their data effectively. Veeam's diverse offerings, including backup and replication software, cloud data management, and data protection tools, cater to customers from various industries, ensuring continuous data availability and operational efficiency.
Veeam focuses on data protection, ensuring that organizations can securely back up and recover their data in the event of a cyberattack or system failure. By providing robust backup and replication software, Veeam helps mitigate the risks associated with data loss and data breaches. Additionally, Veeam emphasizes the availability of data and applications, reducing downtime and enhancing business continuity. Their solutions also include monitoring and analytics capabilities, enabling organizations to proactively detect and respond to security threats. Overall, Veeam aims to provide a secure and resilient data management ecosystem, safeguarding critical information from unauthorized access and potential vulnerabilities.
Veeam's solution/service incorporates various technologies and innovations to enhance data management and security. It leverages advanced backup and replication algorithms to efficiently protect data in virtual, physical, and multi-cloud environments. The platform integrates AI and machine learning capabilities for intelligent data analysis, anomaly detection, and automated recovery. Veeam also employs cloud data management to facilitate seamless data migration and protection across hybrid cloud infrastructures. Additionally, monitoring and analytics tools offer real-time insights into data activity and potential security threats. Through continuous innovation, Veeam stays at the forefront of data protection, making use of cutting-edge technologies to ensure reliable and secure data management for its customers.
Veeam has a strong presence in the Asia Pacific region, deploying its solutions across diverse industries and organizations. This included finance, healthcare, education, government, telecommunications, and manufacturing sectors. In the finance industry, Veeam's solutions ensured the security and continuity of financial data and compliance with regulations. Healthcare organizations utilized Veeam for safeguarding sensitive patient records and maintaining uninterrupted access to critical information. Educational institutions benefited from data protection for academic and research data. Government agencies employed Veeam to secure citizen data and vital public services. Telecommunication companies relied on Veeam for customer data security and network management. Manufacturing organizations integrated Veeam to protect valuable production and supply chain data. These deployments yielded several benefits, such as improved data security, reduced downtime, enhanced compliance, increased operational efficiency, and seamless scalability. Veeam's solutions have played a pivotal role in ensuring business continuity and data integrity, catering to the specific needs of various industries and contributing to their overall success.
Veracode is a leading provider of intelligent software security solutions. Its comprehensive platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Prompted by powerful AI trained by trillions of lines of code, Veracode customers fix flaws faster with high accuracy.
Veracode addresses critical security-related issues in software applications through comprehensive intelligent software security. The company helps customers easily find and fix potential vulnerabilities in software that may creep in through insecure coding practices, design flaws, and known security weaknesses in third-party components. With capabilities like Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), container security, and developer enablement, Veracode empowers organizations to fortify the overall security posture of their applications, reduce the risk of security breaches, ensure compliance with industry standards, and protect sensitive data from potential cyber threats.
Veracode's platform leverages various technologies and innovations to enhance application security. It utilizes Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) techniques to scan source code and running applications for vulnerabilities. Software Composition Analysis (SCA) helps identify security issues in third-party libraries. Additionally, Veracode leverages machine learning (ML) algorithms to improve accuracy in identifying potential threats through its AI-powered solution, Veracode Fix. The platform also integrates with development environments, providing a seamless developer experience. Veracode's comprehensive platform provides a robust and integrated software security solution for security teams, developers, and business leaders.
Veracode's application security solutions and services have been widely deployed across various industries in the Asia Pacific region, including financial services, healthcare, government, and technology sectors. Organizations utilizing Veracode's offerings have achieved improved application security by identifying and addressing vulnerabilities in their software applications, reducing security risks and ensuring compliance with industry regulations. Veracode's developer-friendly tools have empowered development teams to prioritize security during the development process, resulting in more secure software products. While specific deployments may have evolved, Veracode's impact in the Asia Pacific region has been significant in enhancing overall application security for various organizations.
The Synopsys Software Integrity Group provides integrated application security testing solutions that transform the way teams build, deliver and secure software. A recognised leader in application security, Synopsys offers the industry’s most comprehensive portfolio of products and services that empower enterprise organisations to accelerate software innovation while reducing business risk.
Synopsys offers the most comprehensive portfolio of application security testing (AST) tools to detect security, quality, and compliance issues in proprietary code, open source and third-party dependencies, application behaviour, and deployment configurations. Each of Synopsys’ AST tools is an established industry leader within its respective category, including Black Duck® SCA, Coverity® SAST and WhiteHat™ Dynamic DAST, and can be delivered on-premises or through the scalable, SaaS-based Polaris Software Integrity Platform®. Additionally, Polaris interoperates with third-party and open source tools, allowing organisations to leverage existing investments and build a completely bespoke security program tailored to their unique needs.
Synopsys has incorporated AI machine learning, natural language processing, and neural networks into our products for more than 5 years. Black Duck SCA uses AI natural language processing (NLP) to streamline code snippet matching, allowing development teams to better identify security issues and license conflicts in open source code and build more accurate SBOMs. WhiteHat Dynamic leverages AI machine learning to verify potential software vulnerabilities to reduce notification times and false-positive rates. Code Dx, an application security orchestration and correlation solution, is AI-enabled, giving it the ability to triage thousands of issues aggregated across various types of application security scans and prioritise remediation.
Synopsys’ application security testing solutions and services are utilised by some of the most-recognised companies in the Asia Pacific region, including Alibaba, Mitsubishi Electric, Nokia, and Lenovo, across a wide variety of industry sectors that include Information Technology and Software, Consumer Electronics, Retail, Finance, Automotive, Telecommunications, Aerospace, Energy, Medical, IoT, Industrial and more. Specifically, Cryptsoft has adopted the Coverity® SAST solution to support development speeds and increase security and software quality. Additionally, Olympus Software Technology Corp. (a division of Olympus Corp.) leverages Black Duck SCA to automate the management of open source code throughout the development process and across the software supply chain. More details here: https://www.synopsys.com/content/dam/synopsys/sig-assets/case-studies/cs-cryptsoft.pdf
Barracuda Web Application Firewall protects websites, applications, APIs, and mobile app backends against a variety of attacks including the OWASP Top 10, zero-day threats, data leakage, and DDoS attacks. By combining signature-based policies and positive security with robust anomaly-detection capabilities, it can defeat today’s most sophisticated attacks targeting web applications.
Web applications are a major vector for criminals seeking to penetrate networks – 43% of breaches involve web applications according to Verizon – and the move to remote work intensified this shift. Barracuda found that 79% of APAC organizations suffered a successful security breach as a direct result of a vulnerability in one of their applications in 2021. Top application security challenges include software supply chain attacks, API attacks, and bad bots. As organizations struggle to keep up with the pace of new threats that are probing for new vulnerabilities, Barracuda Web Application Firewall helps fill these gaps effectively.
Barracuda Web Application Firewall protects against all OWASP Top 10 attacks with a layered traffic processing engine and Smart Signatures that reduce detection time and improve detection. Application Learning adds automated Positive Security, with the ability to enforce security from URL down to parameter level. It offers Advanced Bot Protection using machine learning to spot and block bad bots while allowing legitimate human and bot traffic to proceed with minimal impact. It also protects APIs against all application attacks. Its API Discovery capabilities make it easy to configure protection and limit the chances for misconfiguration.
With growing SaaS adoption, web applications have become targets for bad bots or DDoS attacks. Barracuda has successfully deployed its solution across diverse industries and organizations in the Asia Pacific region. One of its customers, Universiti Malaysia Perlis (UniMAP), which has multiple application servers, web services, and informational websites used by students and staff on more than 30 different campuses, was looking for a solution to “ensure network performance, scalability and foremost, to protect the multi-application environment from any loss of confidential data.” By deploying Barracuda Web Application Firewall, UniMAP gained protection from constant SQL injection and other malware attacks. All web traffic passing through the firewalls used HTTP and HTTPS protocols and provided secure, encrypted communication between university students and lecturers on one end, and web applications on the other. The dashboard also made it easy to manage and monitor web applications across the network. “It is easy to use, and the installation process is smooth and quick, with the Barracuda Web Application Firewall simply plugging in between data centers,” said Nasrudin Abd Shukor, Director of UniMAP ICT Centre. Most importantly, it ensured that the confidential data is safe.
VTB Bank has developed a full ecosystem of technological solutions, including Big Data and artificial intelligence, to safeguard over 15 million clients. This system encompasses session and transaction monitoring, recognition of incoming call numbers in mobile networks and messengers, control of operation limits, along with a financial security educational segment.
Today, the topic of cybersecurity takes center stage in all sectors of the economy. According to the Central Bank of the Russian Federation, the number of unauthorized financial transactions increased by 4.29% in 2022 compared to 2021. With the help of developed algorithms, VTB Bank can not only track but also proactively alert customers to fraudulent activities, including phone and internet scams in social networks, websites, and other forms. Furthermore, VTB takes preventive measures against fraud, fostering collaboration between government and non-governmental organizations. The banking community and communication operators joined forces to block phone and internet traffic.
To combat phone fraud, our system includes a caller ID that identifies all incoming calls, and we share data on unwanted calls with communication regulators to block negative traffic. For internet fraud (including scams, phishing, and social media deception), we employ a service to verify counterfeit websites and links. A monitoring system tracks account activities and customer parameters susceptible to compromise through psychological manipulation. In cases of data compromise, we implement a comprehensive set of behavioral and anomaly analysis measures to counteract malicious actors, be it clients or third parties conducting transactions on their behalf.
We employ these solutions to safeguard VTB clients' funds. Best practices are extended to VTB Group's subsidiaries, both within and beyond the country. VTB operates in CIS countries, Asia, and Africa. In the Asia-Pacific region, VTB banks operate in China (Beijing), India (New Delhi), Singapore, and the UAE (Dubai). Thanks to the development of a cybersecurity technology ecosystem for the internet banking and mobile application, we managed to prevent 7-8 million attacks and save over 22 billion rubles (~$340 million) of client funds in 2022 solely within VTB Bank.
Akamai's Application Security is a cloud-based suite of solutions that safeguards web applications from DDoS attacks, web vulnerabilities, and online threats. It ensures real-time threat detection, mitigates risks, and maintains a secure digital experience for businesses and their customers.
Akamai's Application Security aims to address various security-related issues, including protection against Distributed Denial of Service (DDoS) attacks, which can disrupt web services and cause downtime. The service also focuses on mitigating web application vulnerabilities, such as SQL injection and cross-site scripting, which could lead to data breaches and unauthorized access. Additionally, Akamai seeks to defend against other online threats that target web applications, ensuring the availability, reliability, and performance of critical digital assets. By offering real-time threat detection and intelligent security measures, the solution aims to safeguard businesses and their customers from a wide range of cyber risks and maintain a secure online environment.
Akamai's Application Security leverages a combination of advanced technologies and innovations to protect web applications. These include network analytics to monitor and analyze traffic patterns, identifying potential threats in real-time. Artificial Intelligence (AI) and Machine Learning (ML) are used to detect and mitigate emerging threats proactively. The service also employs behavioral analysis to distinguish between legitimate users and malicious actors. Akamai's cloud-based platform and content delivery network (CDN) enable efficient and scalable distribution of security measures. Additionally, the solution may integrate blockchain technology for enhanced data integrity and authentication. These technologies collectively fortify web applications against DDoS attacks, web vulnerabilities, and other online risks, ensuring a secure and reliable digital experience.
Akamai's Application Security is widely deployed across diverse industries such as e-commerce, finance, healthcare, gaming, media, government, technology, and education. This cloud-based suite of solutions protects web applications from DDoS attacks, web vulnerabilities, and online threats. Industries rely on Akamai's real-time threat detection and mitigation capabilities to safeguard critical online assets, maintain customer trust, and ensure uninterrupted access to services. From securing sensitive financial data to defending against content piracy, the service enhances security across the digital landscape. By offering intelligent protection measures and minimizing latency, Akamai's Application Security helps businesses maintain a secure and seamless online experience for their users, regardless of the industry they operate in.
F5's Application Security Solution is a comprehensive suite of tools designed to safeguard web applications from cyber threats. It includes features like web application firewall (WAF), DDoS protection, bot mitigation, and advanced threat intelligence, ensuring application availability, performance, and protection against evolving security risks.
F5's comprehensive suite of application security solutions addresses cybersecurity issues such as protecting web applications from DDoS attacks, SQL injection, cross-site scripting, and other OWASP Top Ten vulnerabilities. The solution also focuses on mitigating the risks posed by malicious bots and automated attacks that can disrupt services or compromise data. By offering a web application firewall (WAF), F5 helps prevent unauthorized access and secures sensitive information. Furthermore, the solution seeks to provide advanced threat intelligence, real-time monitoring, and incident response capabilities, enabling organizations to proactively detect and respond to emerging security threats, ensuring the confidentiality, integrity, and availability of their applications and data.
F5 application security solutions are based on a variety of technologies and innovations that aim to provide comprehensive and consistent protection for apps and APIs across different environments, such as:
• Machine learning enhances advanced API endpoint discovery, anomaly detection, telemetry, and behavioral analysis. ML also powers F5's bot defense and fraud prevention capabilities, which can accurately determine the truth and intent of users and transactions.
• F5 solutions operate within modern development paradigms and frameworks, such as DevSecOps, to help organizations shift left and secure their apps and APIs throughout the lifecycle.
• Identity and context awareness, encryption, multi-factor authentication, and policy enforcement to provide granular and dynamic access control.
• Intelligent threat services provide real-time threat intelligence, analysis, and response for apps and APIs.
F5 deploys its application security solutions across various organizations in the APAC region, including enterprises, government agencies, financial institutions, e-commerce platforms, educational institutions, healthcare providers, and cloud service providers. These solutions safeguard web applications from cyber threats, ensuring data security, availability, and compliance with industry regulations. Enterprises in finance, healthcare, manufacturing, and retail benefit from F5's protection. Government agencies trust F5 to secure digital assets and deliver public services securely. Financial institutions rely on F5 to defend against cyber-attacks and maintain regulatory compliance. E-commerce platforms ensure safe online transactions for their customers using F5's services. Educational institutions protect sensitive data and intellectual property. Healthcare providers safeguard patient data and comply with HIPAA regulations. Cloud service providers integrate F5's solutions for enhanced security. Overall, F5's application security solutions cater to diverse industries, helping organizations stay resilient against evolving cyber threats in the APAC region.
GuardRails' DevSecOps solution is a comprehensive platform that integrates seamlessly into the software development lifecycle. It continuously identifies security vulnerabilities, code quality issues, and compliance violations within code repositories, providing real-time feedback to developers. This enables teams to proactively address and remediate risks, enhancing overall application security and development efficiency.
GuardRails’ platform seeks to proactively identify and remediate security vulnerabilities such as code injection, cross-site scripting, SQL injection, and sensitive data exposure. Additionally, it focuses on mitigating authentication and authorization flaws, security misconfigurations, and inadequate logging and monitoring practices. GuardRails also targets code quality issues and compliance violations, ensuring adherence to industry standards and best practices. By providing real-time feedback to developers and integrating seamlessly into the software development lifecycle, GuardRails empowers organizations in the APAC region to bolster their application security, minimize the risk of data breaches, and maintain robust protection against cyber threats.
GuardRails' DevSecOps solution deploys a combination of cutting-edge technologies and innovations to enhance application security. These include static code analysis, dynamic analysis, and dependency scanning to identify security vulnerabilities and code quality issues. Machine learning and artificial intelligence algorithms are employed to continually improve threat detection accuracy and prioritize potential risks. The platform integrates seamlessly with popular code repositories and CI/CD pipelines, enabling real-time feedback to developers. Additionally, GuardRails leverages cloud-based infrastructure and advanced analytics to provide comprehensive security insights. These technologies collectively empower organizations in the APAC region to fortify their applications against threats and streamline their development processes while maintaining a strong security posture.
GuardRails deploys its DevSecOps solution across a wide range of industries in the APAC region, ensuring robust application security and compliance. These industries include but are not limited to finance, banking, healthcare, e-commerce, government, technology, education, and telecommunications. By catering to diverse sectors, GuardRails helps companies of all sizes and complexities enhance their development processes while maintaining a strong focus on security. The platform's ability to seamlessly integrate into various software development workflows makes it an adaptable and valuable asset for businesses seeking to safeguard their applications and data from potential threats and vulnerabilities.
Imperva is a leading cybersecurity company that specializes in protecting business-critical data and applications. We offer a range of products and services including web application firewalls, database security, and DDoS protection. Imperva helps organizations defend against cyberthreats, secure their software assets, and ensure regulatory compliance.
Imperva aims to protect web applications from attacks like SQL injection and cross-site scripting (XSS), safeguard databases against unauthorized access and data breaches, mitigate DDoS attacks to maintain uninterrupted service availability, and ensure compliance with various regulatory requirements such as GDPR and PCI DSS. Imperva's solutions aim to provide organizations with robust cybersecurity measures to detect, prevent, and respond to evolving threats, safeguard sensitive data, and maintain the integrity and availability of their critical applications.
Imperva's Web Application Firewall (WAF) protects against web-based attacks like SQL injection and XSS, while Database Activity Monitoring (DAM) ensures real-time database security. DDoS protection combats large-scale attacks, and data security features like encryption and tokenization safeguard sensitive information. Behavioral analytics detects unusual user behavior and potential insider threats. Imperva's comprehensive approach also addresses regulatory compliance requirements such as GDPR and PCI DSS. Through these cutting-edge tools, organizations benefit from proactive defense measures against evolving cyberthreats.
Imperva has deployed its cybersecurity solutions and services across various industries and organizations in the Asia Pacific region. These deployments span financial services, healthcare, e-commerce, government, technology, and more. For instance, a leading financial institution in Singapore utilized Imperva's Web Application Firewall (WAF) and Database Activity Monitoring (DAM) to enhance their security posture. The WAF protected their online banking and transactional portals, ensuring that customer data and financial transactions were safeguarded from potential threats like SQL injection attacks. The DAM provided real-time monitoring of their critical databases, detecting and preventing unauthorized access attempts, thus protecting sensitive customer information and ensuring compliance with industry regulations. This successful deployment significantly improved the organization's overall security resilience, reducing the risk of data breaches and enhancing customer trust. By partnering with Imperva and leveraging their advanced technologies, businesses in the Asia Pacific have bolstered their cybersecurity defenses, maintaining the confidentiality, integrity, and availability of their critical assets in the face of evolving cyber threats.
Micro Focus' Application Security solution is a comprehensive suite of tools and services designed to safeguard software applications throughout their lifecycle. It includes features like static and dynamic analysis, automated testing, and vulnerability assessment, helping organizations identify and rectify security flaws to ensure robust protection against cyber threats.
Micro Focus aims to address critical software-related security issues with its application development lifecycle and vulnerability management solutions. These include identifying and mitigating software vulnerabilities, preventing data breaches and cyberattacks, ensuring compliance with industry regulations, enhancing secure development practices, and fortifying application resilience against evolving threats. By offering static and dynamic analysis, automated testing, and vulnerability assessment capabilities, the solution enables organizations to proactively detect and fix security flaws in their software applications, thereby reducing the risk of potential exploits and protecting sensitive data from unauthorized access or manipulation.
Micro Focus' Application Security solution incorporates several cutting-edge technologies and innovations to enhance security. These include advanced static and dynamic analysis techniques to identify code vulnerabilities, machine learning algorithms for intelligent and automated testing, artificial intelligence for behavior-based anomaly detection, and data analytics to assess application risk comprehensively. By integrating these technologies, Micro Focus aims to provide a powerful and efficient platform that proactively defends against cyberthreats, ensures compliance, and promotes secure software development practices throughout the application lifecycle.
Micro Focus, a global software company, has deployed its application lifecycle management security and vulnerability management solutions in various industries across the Asia Pacific region, such as banking and finance, government, healthcare, telecommunications, e-commerce, and manufacturing. These industries recognize the growing importance of securing their software applications against cyberthreats and data breaches. By adopting Micro Focus' suite of solutions, organizations in these sectors can proactively assess and rectify vulnerabilities in their software, comply with industry regulations, protect sensitive data, and ensure a robust security posture throughout their application development and maintenance processes. The widespread application of this solution in diverse industries underscores its relevance and effectiveness in addressing the region's evolving cybersecurity challenges.
Securonix is a leading company in Unified Defense SIEM. The company provides threat detection and response solutions powered by the most advanced analytics and built on a scalable, flexible cloud-native architecture. Securonix Next-Gen SIEM enables fast, precise incident response, providing high fidelity alerts with analytics that pioneered the UEBA category.
Today’s complex cloud and hybrid environments make it increasingly challenging for SOC teams to ingest security-related data at scale, control costs, manage security tools effectively, and take action against advanced threats. Securonix provides end-to-end security offerings for threat detection, investigation and response (TDIR) in modern environments, reducing noise, prioritizing high fidelity alerts, and limiting analyst complexity.
Core capabilities of Securonix Unified Defense SIEM:
● Cloud-native deployment – for quick ROI with minimal operational overhead and unlimited scalability
● Analytics-based approach to detect advanced threats
● Packaged content – providing out of the box threat detection and response
Securonix leverages machine learning and threat modeling to eliminate the alert fatigue that security teams are burdened with today. The ability of a behavior analytics platform to utilize signature-less technology to baseline normal behavior and immediately alert when abnormal or outlier behavior is detected provides the missing link to current technologies. Add out-of-the-box threat models to support thousands of use cases for insider threat, data exfiltration, privilege account abuse, access reviews and abuse, fraud, cyber risk and compliance and you now have the ability to proactively identify threats and stop them before the exposure occurs.
Our customers span the BFSI, IT & ITeS, government and manufacturing sectors. BFSI continues to be a top client for us. We recently deployed our SIEM solution for Coinhako, an Asia-based provider of an easy-to-use cryptocurrency buying platform. Coinhako needed more direct visibility and control to keep up with an ever-changing and dynamic threat landscape. Previously, Coinhako relied on a managed detection and response (MDR) solution to support its threat detection, investigation, and remediation (TDIR) needs. As Coinhako grew to serve more customers and handle more transactions, they strategically decided to support their TDIR activities in-house with a dedicated security operations team and solutions to address business-impacting threats. The company decided to go with Securonix next-gen SIEM because it can quickly identify anomalies, provide a comprehensive analysis to understand the problem, and define a targeted remediation plan to quickly mitigate any potential threat. Securonix aptly demonstrated the technical capabilities needed to meet the ever-changing threat landscape. Securonix's single data platform, out-of-the-box behavioral analytics, automated threat detection and streamlined workflow helped Coinhako gain extensive visibility into the cloud assets within its environment and navigate its unique security challenges. For more information, see https://www.securonix.com/wp-content/uploads/2023/06/Case-Study-Coinhako_060623.pdf
LogRhythm specializes in delivering innovative security information and event management (SIEM) solutions to help organizations detect and respond to cyberthreats effectively. The company's expertise, automated processes, and partnerships enable it to serve diverse industries and comply with various data security regulations.
LogRhythm provides real-time threat detection, incident response, and mitigation of cyberthreats across organizations' networks and information systems. Its SIEM platform focuses on providing advanced cybersecurity technologies, leveraging threat intelligence, automation, and orchestration to enhance the efficiency of incident response processes. By offering compliance support and partnering with other cybersecurity vendors, LogRhythm seeks to help its customers effectively tackle evolving security challenges, protect sensitive data, and stay ahead of emerging threats in an ever-changing digital landscape.
LogRhythm's SIEM service integrates various technologies to provide real-time monitoring, data correlation, and visualization, enabling organizations to proactively defend against cyberthreats, streamline incident response, and maintain compliance with industry regulations effectively. These include advanced network analytics to monitor and detect anomalies, machine learning algorithms for behavioral analysis and threat detection, and artificial intelligence for automated incident response and pattern recognition. Additionally, the platform leverages threat intelligence feeds to stay updated on emerging threats.
LogRhythm has deployed its SIEM solutions in various Asia Pacific industries and organizations, including financial services, government and defense, healthcare, and energy sectors. For example, a prominent bank in Singapore implemented LogRhythm's SIEM solution, achieving real-time visibility into its network and prompt detection of potential threats. The platform's machine learning capabilities identified anomalous user behavior and unauthorized access attempts, bolstering the bank's cybersecurity posture. LogRhythm's solutions address diverse security challenges, such as real-time threat detection, incident response, and compliance support, benefiting organizations across the region in safeguarding critical data, infrastructure, and operations from cyber threats.
BeyondTrust is a leading cybersecurity company specializing in Privileged Access Management (PAM) and Vulnerability Management solutions. With a focus on securing privileged access and identifying vulnerabilities, we help organizations prevent breaches, maintain compliance, and enhance operational efficiency.
BeyondTrust addresses various security-related issues with its Privileged Access Management (PAM) and Vulnerability Management solutions. By securing privileged accounts and monitoring access, it mitigates the risk of unauthorized access and privilege misuse. Our Vulnerability Management helps detect and prioritize weaknesses, reducing the potential for breaches. Endpoint Privilege Management controls privileges on endpoints, minimizing risks like data exfiltration and malware attacks. Secure Remote Access ensures safe remote connections, while Secure File Transfer encrypts files during transit, preventing data leaks. Additionally, BeyondTrust aids organizations in meeting regulatory compliance requirements, enhancing overall cybersecurity and resilience against potential threats.
BeyondTrust's cybersecurity solutions incorporate a range of cutting-edge technologies, including Artificial Intelligence (AI) and Machine Learning (ML) for privileged behavior analytics and threat detection. Network analytics monitor traffic for anomalies, while encryption safeguards data during transfer. The potential use of blockchain enhances data integrity and identity management. Multi-Factor Authentication (MFA) adds an extra layer of security, and Privileged Access Management (PAM) frameworks control and monitor privileged access. Vulnerability scanning tools identify weaknesses, and endpoint security solutions protect against endpoint-based threats. Secure Remote Access protocols ensure encrypted connections for remote users, delivering comprehensive and innovative security measures to address organizations' cybersecurity challenges.
BeyondTrust's solutions cater to various industries and organizations in the Asia Pacific, such as finance, government, healthcare, technology, and manufacturing. For instance, innovation and mergers fueled Denmark-based Ramboll’s growth into a truly global organization, with 16,500 people in 35 countries, including the Asia Pacific region. Ramboll’s business activities grew to encompass transportation, urban planning, water, energy, climate and sustainability, the environment, and healthcare. As a result, IT was neither global nor standardized, with every country handling access privileges and admin rights differently. Local IT teams were overburdened with basic maintenance tasks, and security teams lacked visibility and control at the global level, with no way to ensure people had access to the tools and assets they needed without compromising infrastructure or data, while also ensuring license compliance and software standardization. Having been the target of cyberattacks over the years, the company needed solutions to prevent future incidents, and gaining control of admin rights was a key objective. To counter these deficiencies, the company decided to bolster and standardize application control and privileged management across the entire organization with the smooth rollout of BeyondTrust, including its Endpoint Privilege Management solution to protect against fileless threats that use approved applications to slip by Ramboll’s defenses.
Saviynt is a leading provider of identity governance and cloud security solutions. Our platform enables enterprises to secure and govern their digital identities, access, and data across cloud and on-premises environments. With a focus on risk-based security, Saviynt helps organizations efficiently manage and protect their critical assets.
Saviynt aims to address various security-related challenges through its solution. These include mitigating the risks associated with identity and access management, ensuring compliance with industry regulations and data protection standards, securing critical assets and data across hybrid and multi-cloud environments, preventing unauthorized access and insider threats, streamlining identity governance processes, and providing comprehensive visibility into user activity for threat detection and response. By offering a robust identity governance and cloud security platform, Saviynt seeks to empower organizations to proactively safeguard their systems, data, and applications from emerging cyberthreats and vulnerabilities.
Saviynt's solution leverages a range of cutting-edge technologies and innovations to enhance security and identity governance. These include advanced artificial intelligence (AI) and machine learning (ML) algorithms for risk-based access management, anomaly detection, and behavioral analytics. The platform integrates with various cloud providers and on-premises systems, utilizing API-driven architecture for seamless integration. Saviynt's Identity Governance and Administration module employs access analytics that enable organizations to compare user access to peers. These technologies work in synergy to deliver a comprehensive and proactive security approach, ensuring organizations can effectively manage and protect their digital identities and resources in complex IT environments.
Saviynt has successfully deployed its solutions and services across diverse industries in the Asia Pacific region, encompassing financial services, energy, and healthcare sectors. For financial institutions, Saviynt aids in enhancing compliance with regulations like PCI DSS and SOX, as evidenced by a Singaporean bank's 50% reduction in PCI DSS compliance risk. Energy companies have benefited from improved security and data breach risk reduction, exemplified by a major Australian oil and gas firm experiencing a 75% decrease in data breach risk. Similarly, healthcare organizations have achieved heightened patient privacy and security, such as a large hospital in Japan lowering patient privacy risk by 90%. Origin Energy, an Australian energy company, illustrates a successful Saviynt deployment, which improved its IAM capabilities by centralizing processes, reducing IAM costs by 50%, and bolstering compliance by 20% with industry regulations. Overall, Saviynt's solutions are instrumental in fortifying security postures, mitigating data breach risks, and fostering regulatory compliance for organizations throughout the Asia Pacific region.
SSH Privileged Access Management is a solution for centrally managing and securing SSH keys within organizations. It automates key provisioning, access control, and rotation, integrates with IAM systems, and enables monitoring and auditing for improved security and compliance. SSH Quantum Security defends an organization’s long-term secrets against the quantum threat with quantum-safe cryptography (QSC).
SSH PAM solutions address security issues related to the management and access control of SSH keys. These include the centralization of key management to avoid complexity and maintain visibility, enforcing strict access policies to prevent unauthorized access, reducing the risk of key exposure and sharing, enabling monitoring and auditing capabilities for detecting suspicious activities, and facilitating key rotation to minimize the impact of compromised or outdated keys. To address the rising threat of quantum technologies, SSH employs QSC to enhance security, mitigate risks, and promote better compliance with security standards in organizations using SSH for secure communications and remote access.
SSH solutions deploy encryption, access control lists, centralized key management, machine learning-based behavioral analytics, multi-factor authentication, auditing mechanisms, and automation to efficiently manage SSH keys. These technologies ensure strong security by protecting keys, detecting unusual activities, enforcing access policies, and simplifying key provisioning and rotation processes. By employing quantum-safe cryptography (QSC) and post-quantum cryptography (PQC), which are the backbones of quantum security, SSH solutions offer organizations a robust and centralized approach to address SSH-related security challenges effectively for today and into the quantum computing future.
SSH solutions are being adopted across various industries in the Asia Pacific region. Some of the industries that have deployed our solutions include banking and finance, government and public sector, technology and IT services, healthcare, telecommunications, e-commerce, and manufacturing. These industries often prioritize strong security measures and efficient access control to protect sensitive data, making SSH solutions an attractive choice for their secure communication and remote access needs.
Tenable Identity Exposure is an Identity Threat Detection and Response solution that fills long-standing gaps in AD security. It reduces the AD attack surface with continuous assessment, real-time attack detection, AI-driven exposure and risk prioritisation, and detailed remediation guidance.
A Forrester Consulting study commissioned by Tenable revealed that 50% of IT and security professionals lack an effective way to integrate user privilege data into their vulnerability management practices. Active Directory (AD) serves as a central source of truth for critical business applications, making its compromise a significant concern in ransomware and other attacks. Traditional AD security tools offer outdated visibility with point-in-time scans and aggregated event logs. Tenable Identity Exposure addresses long-standing AD security gaps by providing continuous assessment, real-time attack detection, AI-driven exposure and risk prioritization, and detailed remediation guidance, helping organizations reduce their AD attack surface.
Access misconfiguration and weak identities are at the heart of ransomware attacks and corporate data breaches. Threat actors are only one identity vulnerability away from breaking into SaaS applications and stealing data. This is why Tenable recently added several new identity-aware features that harness the power of artificial intelligence (AI) and machine learning to provide a unified view of all user identities and entitlement risks, whether on-prem or in the cloud. By leveraging modern AI techniques, Tenable can now quickly identify and prioritize identity and entitlement-related problems across AD and Azure AD.
Approximately 43,000 organizations around the globe, including approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies, trust Tenable to understand and reduce their cyber risk. We actively support organisations across key verticals such as government, manufacturing, finance, retail, healthcare, transportation, technology, utilities, and oil & gas.
Example:
To meet local government guidelines, Hyogo Prefecture transitioned its administrative systems and staff computers over to Hyogo Prefecture Information Security Cloud. As the security backbone of the Information Security Cloud, Active Directory was one of the central components being used to manage user accounts and client terminals. Realizing that AD is at the center of numerous cyberattacks and breaches, Hyogo Prefecture deployed the Tenable Identity Exposure Management solution to strengthen its AD and prevent the “keys to the kingdom” from landing in the wrong hands.
Within a few weeks, Hyogo Prefecture was relieved that it was able to identify unused accounts and delete a significant number of unnecessary objects from AD. Hyogo Prefecture was also able to stay on top of tracking the status of dormant accounts and password policy compliance, as well as account trust relationships, inappropriate configurations, and changes in AD.
CyberArk's Identity & Access Management solution provides robust control and security for privileged accounts and sensitive data. It helps organizations prevent data breaches and unauthorized access by centrally managing, securing, and monitoring user credentials, enabling compliance with industry regulations and safeguarding critical assets from cyber threats.
CyberArk's Identity & Access Management solution aims to tackle several critical security-related challenges faced by organizations. These include preventing unauthorized access to sensitive data and privileged accounts, mitigating insider threats, safeguarding against cyberattacks that exploit privileged credentials, enforcing least privilege principles, ensuring compliance with industry regulations, monitoring and auditing access activities, detecting and responding to suspicious behavior, and enhancing overall cybersecurity posture. By offering robust control and management of identities and access, CyberArk's solution aims to protect organizations from data breaches, cyber threats, and potential financial and reputational damages.
CyberArk's Identity & Access Management solution leverages a range of cutting-edge technologies and innovations to enhance security. These include advanced network analytics for anomaly detection, artificial intelligence (AI) and machine learning (ML) algorithms for behavioral analysis and threat detection, multi-factor authentication (MFA) for enhanced user verification, privileged access management (PAM) solutions to control privileged accounts, and encryption techniques to secure sensitive data. The combination of these technologies provides comprehensive protection against cyberthreats, improves access control, and ensures regulatory compliance for organizations.
CyberArk's Identity & Access Management solution has been deployed across diverse industries in the Asia Pacific. Banking and finance sectors use it to secure customer data and transactions. Healthcare relies on it to protect patient records and privacy. Government agencies secure sensitive data and infrastructure. Manufacturing protects intellectual property and critical systems. Telecommunications safeguard customer information and networks. Technology and IT services secure cloud environments and privileged access.
Click image for fullscreen
Saviynt is a leading provider of identity governance and cloud security solutions. Our platform enables enterprises to secure and govern their digital identities, access, and data across cloud and on-premises environments. With a focus on risk-based security, Saviynt helps organizations efficiently manage and protect their critical assets.
Saviynt aims to address various security-related challenges through its solution. These include mitigating the risks associated with identity and access management, ensuring compliance with industry regulations and data protection standards, securing critical assets and data across hybrid and multi-cloud environments, preventing unauthorized access and insider threats, streamlining identity governance processes, and providing comprehensive visibility into user activity for threat detection and response. By offering a robust identity governance and cloud security platform, Saviynt seeks to empower organizations to proactively safeguard their systems, data, and applications from emerging cyberthreats and vulnerabilities.
Saviynt's solution leverages a range of cutting-edge technologies and innovations to enhance security and identity governance. These include advanced artificial intelligence (AI) and machine learning (ML) algorithms for risk-based access management, anomaly detection, and behavioral analytics. The platform integrates with various cloud providers and on-premises systems, utilizing API-driven architecture for seamless integration. Saviynt's Identity Governance and Administration module employs access analytics that enable organizations to compare user access to peers. These technologies work in synergy to deliver a comprehensive and proactive security approach, ensuring organizations can effectively manage and protect their digital identities and resources in complex IT environments.
Saviynt has successfully deployed its solutions and services across diverse industries in the Asia Pacific region, encompassing financial services, energy, and healthcare sectors. For financial institutions, Saviynt aids in enhancing compliance with regulations like PCI DSS and SOX, as evidenced by a Singaporean bank's 50% reduction in PCI DSS compliance risk. Energy companies have benefited from improved security and data breach risk reduction, exemplified by a major Australian oil and gas firm experiencing a 75% decrease in data breach risk. Similarly, healthcare organizations have achieved heightened patient privacy and security, such as a large hospital in Japan lowering patient privacy risk by 90%. Origin Energy, an Australian energy company, illustrates a successful Saviynt deployment, which improved its IAM capabilities by centralizing processes, reducing IAM costs by 50%, and bolstering compliance by 20% with industry regulations. Overall, Saviynt's solutions are instrumental in fortifying security postures, mitigating data breach risks, and fostering regulatory compliance for organizations throughout the Asia Pacific region.
Click image for fullscreen
SSH Privileged Access Management is a solution for centrally managing and securing SSH keys within organizations. It automates key provisioning, access control, and rotation, integrates with IAM systems, and enables monitoring and auditing for improved security and compliance. SSH Quantum Security defends an organization’s long-term secrets against the quantum threat with quantum-safe cryptography (QSC).
SSH PAM solutions address security-related issues related to the management and access control of SSH keys. These include the centralization of key management to avoid complexity and maintain visibility, enforcing strict access policies to prevent unauthorized access, reducing the risk of key exposure and sharing, enabling monitoring and auditing capabilities for detecting suspicious activities, and facilitating key rotation to minimize the impact of compromised or outdated keys. To address the rising threat of quantum technologies, SSH employs QSC to enhance security, mitigate risks, and promote better compliance with security standards in organizations using SSH for secure communications and remote access.
SSH solutions deploy encryption, access control lists, centralized key management, machine learning-based behavioral analytics, multi-factor authentication, auditing mechanisms, and automation to efficiently manage SSH keys. These technologies ensure strong security by protecting keys, detecting unusual activities, enforcing access policies, and simplifying key provisioning and rotation processes. By employing quantum-safe cryptography (QSC) and post-quantum cryptography (PQC), which are the backbones of quantum security, SSH solutions offer organizations a robust and centralized approach to address SSH-related security challenges effectively for today and into the quantum computing future.
SSH solutions are being adopted across various industries in the Asia Pacific region. Some of the industries that have deployed our solutions include banking and finance, government and public sector, technology and IT services, healthcare, telecommunications, e-commerce, and manufacturing. These industries often prioritize strong security measures and efficient access control to protect sensitive data, making SSH solutions an attractive choice for their secure communication and remote access needs.
VTB Bank established a technology product ecosystem to centralize and gather data on unlawful activities by third parties via mobile and internet channels. VTB Online banking users can submit suspicious phone numbers and phishing links for automatic blocking by regulatory authorities, providers, and communication operators.
VTB became the first bank in the Russian Federation to develop and integrate a mechanism for collecting data on fraudulent calls, messages, phishing, and scams into the communication regulator's system. The service tracks numbers, phishing links, and communication channels used by malicious actors to deliberately steal customers' funds, employing psychological manipulation. Particularly, phone fraud thrives in social networks, messengers, and mobile apps of non-financial organizations, such as online classified platforms.
VTB has become the first Russian bank to collaborate with the Ministry of Digital Development for analyzing data on fraudulent calls and messages. VTB Online banking service collects citizens' reports daily from messengers, interactive voice response (IVR), chatbots, and the contact center. The system aggregates and automates data transmission to the communication regulator, internet providers, and operators. Participants then block traffic and content, providing relevant information to law enforcement agencies for apprehending fraudsters. The bank expects the service to triple the speed of blocking fraudulent calls. The proposed mechanism aims for future scaling, becoming accessible to all market participants.
Thanks to the seamless integration of the customer feedback collection service, the entire operation cycle was established to eliminate fraudulent traffic. This process resulted in a 25% reduction in online fraud cases in Russia and a 50% decrease in attacks on our clients compared to the previous year in 2022. The main counterparties of this solution include the communication regulator, mobile operators, and law enforcement agencies in Russia. We employ all these solutions to safeguard VTB clients' funds and subsidiaries, both domestically and internationally. In the Asia-Pacific region, VTB banks operate in China (Beijing), India (New Delhi), Singapore, and the UAE (Dubai). The service is also recommended for use across the entire banking community within the country.
ACI Worldwide is a global leader in mission-critical, real-time payments software. Our software solutions and services are used by some of the largest banks, merchants, and billers in the world to process and manage digital payments, power omni-commerce payments, present and process bill payments, and manage fraud and risk.
ACI Worldwide aims to be a trusted partner for businesses that are looking to process and manage digital payments in a secure and scalable way. ACI's fraud solution is designed to be comprehensive and adaptive, so that it can address the latest fraud threats. It is also scalable, so that it can be used by businesses of all sizes. In addition to its fraud solution, ACI Worldwide also offers a variety of other security-related services, such as consulting, training, and managed security services. These services can help businesses to improve their overall security posture and protect themselves from fraud and other threats.
ACI Worldwide uses a variety of technologies and innovations to detect and prevent fraud, including machine learning, rules-based detection, transaction profiling, multi-factor authentication, and behavioral analytics. These technologies are used to create a comprehensive and effective fraud prevention solution that can address the latest fraud threats. Machine learning is used to train models that can identify patterns of fraudulent behavior. These models can be used to detect fraud in real time, even when the fraudsters are using new techniques. Rules-based detection is used to identify transactions that match known patterns of fraud. These rules can be used to flag suspicious transactions for further investigation.
ACI Worldwide is committed to providing businesses in Asia Pacific with the best possible fraud prevention solutions. By working with ACI Worldwide, businesses can protect themselves from fraud and ensure the security of their customers' data. We have deployed our fraud solution/service to a number of organizations in Asia Pacific, including government agencies and healthcare providers.
Provenir's AI-powered decisioning platform is a flexible SaaS solution that helps financial services organizations stay ahead of risk. The platform gives organizations the freedom to iterate, expand, and scale on their own timeline.
Provenir helps organizations protect their data, assets, and reputation with an AI-powered credit risk decisioning platform for various financial services, such as banking, SME lending, buy now pay later, digital merchant onboarding, auto financing, loan origination, and retail and point-of-sale. Provenir's platform enables its clients to access and orchestrate data from multiple sources, deploy and optimize AI models, and automate and streamline risk decisioning processes across the customer lifecycle.
The platform employs encryption, access control, and auditing to protect data. It also uses a variety of methods to verify the identity of customers and employees, including document verification, address verification, and social media analysis. Additionally, we use a variety of methods to detect and prevent fraud, including transaction monitoring, anomaly detection, and machine learning. One of the partners that Provenir works with to offer online fraud management is Vesta, a leader in fraud protection solutions for digital payments, to help Provenir's clients increase approval rates, reduce false positives, and guarantee 100% payment against fraud chargeback. Vesta can also integrate with Provenir's platform to provide seamless and secure fraud protection across different channels and markets. AI is used to analyze data patterns and identify suspicious activity. ML is used to train models that can predict risk and fraud. Low-code development makes it easy for business users to create and deploy decisioning models. A centralized data repository stores and manages data from multiple sources. A secure and scalable cloud infrastructure ensures that the platform is available and reliable. The platform also provides audit trails and other documentation that can be used to demonstrate compliance with regulatory requirements.
Leveraging AI, Provenir helps organizations in Asia Pacific improve fraud detection and prevention, reduce risk exposure, increase compliance, and improve the customer experience. The platform has been deployed by a variety of organizations in the region, including banks, insurers, and financial technology companies. These organizations have achieved a number of benefits from using the platform, including reduced fraud losses, lower claims costs, and faster customer onboarding. With Vesta’s partnership, Provenir's platform helps clients increase approval rates, reduce false positives, and guarantee 100% payment against fraud chargeback.
Viettel Security Orchestration, Automation and Response (VCS – CyCir) is one of the best-in-class SOAR solutions for large enterprises and government in South East Asia. VCS-CyCir allows various security tools to work smoothly together to improve productivity in complex security processes, and helps to increase analyst productivity and speed up incident response.
VCS-CyCir provides automated investigation and response with 50+ pre-built playbooks and machine learning capabilities. The solution allows analysts to reduce 80% of manual tasks, accelerate response times by 40%, simplify security operations and prioritize alerts, thereby reducing false positives by 50%. By orchestrating customers’ existing technology to reduce alert overload, our solutions helped to increase analyst productivity and speed up incident response. Our customizable reporting dashboard not only saves reporting time but also measures SOC effectiveness for managers and CISOs in real time. VCS-CyCir enables rapid scaling across on-premises, cloud or hybrid environments. Our user interface does not require high-level skills to use.
Our solution incorporates cutting-edge technologies and innovations to deliver a powerful SOAR solution. It leverages advanced machine learning and artificial intelligence algorithms to automate offloading of false positive alerts. VCS - CyCir integrates with a wide range of security tools and systems, enabling seamless orchestration and automation of incident response processes. It leverages threat intelligence feeds and data enrichment to enhance threat detection and response capabilities. Additionally, VCS – CyCir offers customizable playbooks and integrations, empowering organizations to adapt and scale their security operations according to their specific needs.
Our solution has served thousands of customers in all industries and countries such as Laos, Myanmar, Cambodia, Peru, etc. X Group* is a large Technology Group, so ensuring cyber security is a top priority. VCS - CyCir plays a role as a centralized operation solution that helps X Group manage the list of alerts and system incidents, while integrating with the security solutions and building incident handling flows for each security case. In fact, our product significantly streamlines various stages of information security monitoring operations. It effectively reduces the workload by automating numerous tasks. Notably, 90% of false positive alerts are automatically handled by our artificial intelligence-powered capabilities. By grouping alerts into meaningful incidents with shared context, we enable focused attention on each threat. For each threat, our solution provides automated or semi-automated response processes, resulting in an 80% reduction in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for X Group's security operations team. Additionally, our customizable reporting and automated email notifications save X Group 4 hours of work per day. After 1 month of deployment, X Group has clearly seen the value that the solution brings and the payback period is less than 1 year.
Anomali's Threat Detection platform is a cutting-edge cybersecurity solution that leverages advanced AI and machine learning algorithms to rapidly identify and mitigate cyber threats. By aggregating and analyzing vast amounts of security data, it provides real-time threat intelligence, enabling organizations to proactively defend against cyberattacks and protect their digital assets.
Anomali's Threat Detection platform aims to address a range of security-related issues to enhance cybersecurity for organizations. These issues include identifying and mitigating cyber threats in real-time, proactively defending against advanced persistent threats (APTs) and sophisticated attacks, protecting sensitive data from breaches and ransomware, ensuring compliance with industry regulations, and safeguarding critical infrastructure from potential cyber-attacks. By aggregating and analyzing vast amounts of threat intelligence data, the solution empowers organizations in the APAC region to stay ahead of cyber adversaries, make informed decisions, and fortify their overall security posture to counter the evolving threat landscape effectively.
Anomali's Threat Detection platform leverages a range of cutting-edge technologies and innovations to provide robust cybersecurity solutions. It utilizes advanced Artificial Intelligence (AI) and Machine Learning (ML) algorithms to analyze vast datasets and identify patterns indicative of cyber threats. The platform employs network analytics to monitor and detect anomalous activities on networks, enabling early threat detection. It also integrates threat intelligence feeds, employing big data analytics to aggregate and analyze security information from diverse sources. Additionally, the solution may incorporate blockchain technology for secure data sharing and immutability, enhancing collaboration among organizations in countering cyber threats effectively. These technologies collectively empower organizations in the APAC region to bolster their cybersecurity defenses and protect against evolving cyber threats.
Anomali deploys its Threat Detection platform across diverse industries in the APAC region, including government agencies, financial institutions, healthcare providers, technology companies, and large enterprises. The platform safeguards against cyber threats, defends critical infrastructure, protects sensitive data, and enhances overall cybersecurity for organizations in the Asia-Pacific area.
IBM Security offers a wide range of cybersecurity solutions and services, including threat intelligence, identity and access management, data security, network security, application security, and cloud security. Besides integrating these solutions, IBM Security QRadar SOAR is a cloud-based platform that can connect to more than 50 other third-party security tools to automate repetitive tasks and processes in incident response.
With a multitude of cybersecurity solutions and tools in the market, organizations can take the complexity out of choosing and integrating them. IBM Security QRadar SOAR is a cloud-based platform that can integrate more than 50 third-party security tools as well as other IBM Security solutions, to automate repetitive tasks and processes in cyberdefense. IBM Security QRadar SOAR can help security teams reduce the time and cost of responding to security incidents, improve their security posture, and achieve compliance with industry standards and regulations.
IBM Security QRadar SOAR unifies IBM's other security solutions, such as IBM Security QRadar SIEM, IBM Security QRadar XDR, and IBM Security QRadar Log Management. IBM Security also integrates with various security intelligence feeds, threat intelligence platforms, and security information and event management (SIEM) systems to provide comprehensive visibility and proactive threat mitigation. QRadar SOAR is a cloud-based platform. It can connect to more than 50 third-party security tools and automate repetitive tasks and processes in incident response.
IBM Security has deployed its cybersecurity solutions and services across various industries and organizations in the Asia Pacific region.
• Healthcare: IBM Security solutions have been deployed in healthcare organizations across the Asia Pacific region. For example, Hospital Authority in Hong Kong has leveraged IBM Security solutions to enhance their cybersecurity posture, protect patient data, and ensure compliance with privacy regulations. Through the deployment, they achieved improved threat detection and response capabilities, mitigated the risk of data breaches, and safeguarded sensitive healthcare information.
• Financial Services: IBM Security solutions have been deployed in various financial services organizations in the Asia Pacific region. While specific customer names may not be available, banks and financial institutions have utilized IBM Security solutions to strengthen their security infrastructure, protect customer data, and combat evolving cyber threats. With IBM Security's solutions, these organizations have achieved enhanced fraud detection, reduced risks of data breaches, and maintained regulatory compliance.
• Government: IBM Security solutions have been deployed in government agencies and organizations in the Asia Pacific region. For instance, the Singapore government has partnered with IBM Security to enhance their cybersecurity capabilities, improve threat intelligence, and safeguard critical government systems and data. This deployment resulted in increased situational awareness, efficient incident response, and robust protection against cyber threats.
• Education: IBM Security solutions have been deployed in educational institutions across the Asia Pacific region. For example, universities have utilized IBM Security solutions to strengthen their network security, protect academic and research data, and ensure secure access for students and staff. With IBM Security's solutions, these institutions have achieved improved visibility into security events, reduced vulnerabilities, and enhanced protection against cyber attacks.
Organizations across industries have benefited from improved threat detection, enhanced incident response capabilities, strengthened data protection, reduced risks of cyber threats, and increased compliance adherence with IBM Security QRadar SOAR. The solution provides organizations with the tools and technologies needed to address complex security challenges and protect their valuable assets from evolving cyberthreats.
OT Zero Trust Solutions - A software/hardware product matrix that provides complete and comprehensive protection for OT environments and critical infrastructures. The product offerings consist of three pillars, namely security injection, endpoint protection, and network defense.
Applying IT security tools in OT environments has proven not to work. TXOne aims to provide the best ways to make sure highly automated systems can effectively defend themselves from threats, without impacting operational performance and productivity. Our design philosophy is to always keep operational goals as the first priority, and then build security on top of that foundation. We want to remove the constraints that keep OT environments away from a truly secure state. All products need to operate independently from clouds, and all products need to support legacy systems like WinXP.
We proposed a framework of "OT Zero Trust" that protects assets throughout their entire lifecycle. We support 6000+ ICS protocol combinations and recognize 8000+ ICS applications to cover OT-specific attacks effectively and efficiently. All these efforts result in extremely small system footprints yet a broader coverage of security visibility. Because we are laser focused on OT environments, we have built up deep vertical insights that allow us to achieve contextual awareness when we detect malicious acts. Such intelligence allows us to add another layer of threat knowledge to protect organizations even from unknown threats. This is definitely a unique capability.
Our solutions are widely accepted in all sorts of manufacturing environments and critical infrastructures. In more detail, we're particularly strong in Asia Pacific for automotive, semiconductor, pharmaceutical, and public sectors such as power plants and transportation. World leading brands like Denso and TSMC are running their operations with the protection offered by TXOne products. One unnamed semiconductor company has an enormous number of Windows-based devices that are highly connected to each other. The first step of the security implementation was to use our network IPS appliances to segment their networks so that they can have a better resilience plan by cleaning the assets block by block instead of halting the entire line. After the first technical engagement, our endpoint solutions were then deployed on mission critical nodes. Also, new assets joining the production line need to go through our installation-free security inspector, in the form of a USB stick, for security inspection. Offline maintenance file transfer is also conducted with that secured USB stick. This customer is working with us to advocate this practice within the supply chain, and among its foreign subsidiaries, since companies in the industry are adopting similar technologies and manufacturing methodologies while complying with similar regulations.
Tenable OT Security helps organisations understand the asset makeup of their entire factory floor, providing holistic coverage and security across both IT and OT environments. With technology purposely designed to be safely used on OT devices, Tenable OT Security allows organisations to maintain productivity while securing their systems.
With the convergence of IT/OT operations, new attack surfaces have emerged, causing less than 5% of OT professionals to feel confident in securing IIoT devices and systems. Tenable OT Security was purpose-built to safeguard industrial networks in sectors like automotive, oil and gas, water, electrical/grid, and manufacturing from cyber threats, human errors, and insider threats. By providing unified visibility, security, and control across IT and OT operations, Tenable.ot with Nessus eliminates silos and offers comprehensive security tools and reports for compliance and unmatched visibility into converged IT/OT segments and ICS networks.
Tenable OT Security's unique ability to prioritise and triage vulnerabilities through VPR scoring sets it apart from other OT vendors. Forrester acknowledged Tenable's leadership in the Industrial Control Systems Security Solutions market and its integration of Indegy with Nessus, providing technical and financial benefits to buyers. Tenable OT Security offers unparalleled visibility into infrastructure without disrupting operations, utilising a patented approach that gathers extensive information, including rarely communicating devices. It seamlessly integrates with top IT security and operational tools, such as SIEM solutions, log management tools, firewalls, and ticketing systems, to address converging IT/OT infrastructure.
Approximately 43,000 organizations around the globe, including approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies trust Tenable to understand and reduce their cyber risk.
Wärtsilä, a global leader in innovative technologies and lifecycle solutions for the marine and energy markets, selected Tenable OT Security to manage its OT asset inventory collection and provide visibility into its OT environment. The deployment allows Wärtsilä to answer its customers’ questions around asset delivery, reducing supply chain risks and taking a proactive stance on cybersecurity. Wärtsilä will extend the Tenable solution to its customers, allowing them to visualise their own OT environments.
Customer testimonial:
“We tested multiple tools and found Tenable OT Security to have great discovery via vendor specific protocols. The workflow of the tool was a great fit for our own needs but, beyond that, we realised that using the solution allowed us to develop and introduce new services to benefit our customers too. With Tenable OT Security, we can help our customers visualise their own OT environment. This allows them to adhere to the evolving compliance landscape and ultimately assists in protecting critical infrastructure.” Ross Bailey, Cyber Security Expert, Wärtsilä.
CylanceGUARD is BlackBerry’s 24x7 managed detection and response (MDR) service, underpinned by the company’s advanced Cylance AI engine. It offers BlackBerry’s best cyber experts, teamed with secure Critical Event Management (CEM), CylanceENDPOINT for endpoint protection (EPP) and endpoint detection and response (EDR) for a prevention-first, intelligent approach to combatting cyberattacks.
In the manufacturing industry, supply chains and factory floors are built around a combination of legacy OT and connected IT environments. The expanding attack surface makes these blended environments distinctly vulnerable and especially lucrative and enticing for threat actors. Amid escalating cyber threats against the industry, air-gapping, signature-based antivirus, and in-house monitoring and management are no longer sufficient. To overcome skill shortages and a lack of resources to remotely manage multiple operating environments, BlackBerry’s AI-powered prevention-first solutions provide enhanced visibility and security against both current and future cyber threats, whether online or offline, enhancing IT supply chain protection for manufacturers.
CylanceGUARD offers trained threat prevention experts on a subscription-based model. Backed by Cylance AI solutions and real-time threat intelligence, CylanceGUARD augments internal teams and supports organisations without the right expertise. BlackBerry AtHoc (CEM) integration helps coordinate responses with clear communications. It offers 99.5% alert management efficiency, stops attacks with a 5-year advantage, reduces alert fatigue by 90%, and stops 36% more novel attacks 12 times faster (with 20 times fewer resources) than other vendors. A Tolly report showed CylanceENDPOINT achieved a market-leading 98.9% detection rate for both online and offline tests, using just 5% of CPU (other solutions required 100% CPU utilization).
Like many manufacturers, Singapore-headquartered manufacturer of precision plastic components Sunningdale Tech Ltd balances new systems and IoT devices with the old, including utilizing outdated hardware and software, making OT distinctly vulnerable. Recognizing the need for a new approach to cybersecurity, Sunningdale Tech set out in search of a full MDR solution, deploying BlackBerry’s CylanceGUARD to ensure continuous protection against online, offline, and air-gapped environment attacks. From its Singapore headquarters, Sunningdale manages more than 8,000 staff worldwide, making it difficult to manage and secure multiple operational environments. CylanceGUARD provides Sunningdale with access to trained threat prevention experts on a subscription-based model, and includes CylanceENDPOINT to prevent attacks. Despite its complex IT and OT environments, Sunningdale was able to deploy BlackBerry’s integrated security solution across the entirety of its global manufacturing infrastructure. Deployment of BlackBerry’s integrated Cylance solutions almost immediately reduced Sunningdale’s security alerts from 20,000 per day to fewer than ten, freeing up time for them to better focus on core competencies while looking out for lurking cyber threats. In addition to enhanced visibility and security across the manufacturing floor, access to BlackBerry’s team of seasoned cybersecurity professionals enabled Sunningdale to empower in-house cyber awareness and achieve a self-defending factory floor.
Claroty empowers industrial, healthcare, and commercial organizations to secure cyber-physical systems (CPS): the Extended Internet of Things (XIoT). We integrate with customers’ existing infrastructure to provide full visibility, asset and change management, risk and vulnerability management, network protection, threat detection, device efficiency, and secure remote access controls.
The XIoT’s rapid growth is causing organizations to rely on more CPS that are more diverse, interconnected, and exposed to more risks than ever. Tackling these risks requires specialized technology fueled by deep expertise in ALL types of CPS: OT, IIoT, IoT, IoMT, BMS, etc. Unlike offerings that are either generalized or solely OT- or IoMT-focused, Claroty acquired Medigate to truly tackle the XIoT’s risks by combining Claroty’s OT, IIoT, & BMS technology with Medigate’s IoT & IoMT technology. This enables Claroty to fully support customers’ needs now and in the long haul as they evolve.
Only Claroty offers equally robust-yet-scalable SaaS and on-premise options, five asset discovery methods that can be mixed/matched to enable customers to achieve full XIoT visibility, unmatched coverage of 450+ protocols to ensure even the most obscure CPS are identified & protected, the only fully integrated secure remote access solution for XIoT environments, and a vast technical ecosystem that enables customers to extend their existing tools and workflows XIoT-wide. Our portfolio is the broadest & deepest and adapts to each customer’s unique needs and environment throughout their entire XIoT cybersecurity journey — no matter their maturity, network architecture or regulatory environment.
Claroty’s customer base in APAC includes Coca-Cola EuroPacific Partners (Australia, Pacific, Indonesia), BHP, IRPC Public Company Limited, Aboitiz Power, and 100+ others spanning Automotive, Chemicals, Consumer Products, Electric, Food & Beverage, Healthcare, Heavy Industry, IT Hardware, Mining & Materials, Oil & Gas, Pharmaceuticals, Transportation, and Water & Waste. Recently, Claroty expanded the FOCUS Partner Program, adding several Managed Security Service Providers (MSSPs) including IBM, NTT Data, Cabrini Technology Group, LAC Co. Ltd., and Vector Technology Solutions. Specifically, Claroty was selected by Cabrini Technology Group, the largest medical technology service provider in Australia and New Zealand, to enhance their specialised biomedical managed services portfolio and add critical medical device cybersecurity capabilities to address the growing threats within healthcare environments. Also recently, Claroty worked with a leading Australian food and beverage manufacturer to bolster their IT/OT cybersecurity posture. Claroty implemented a solution that adheres to the NIST Framework and implements the MITRE ATT&CK framework to provide real-time threat detection, with the ability to integrate into the client’s wider IT network team for alerting and monitoring. The implementation across four sites in Australia provides the customer with end-to-end visibility and is part of a global rollout that includes six more sites in Australia.
Kaspersky IoT Infrastructure Security is a range of Cyber Immune gateways based on Kaspersky OS for reliable and functional IoT systems. These play a key role in creating end-to-end services for enterprises and work in tandem with Kaspersky Security Centre, a platform for the centralized management of all gateway events.
The Kaspersky IoT Infrastructure Security range seeks to address four areas: Infrastructure reliability – Infrastructure and data protection on the gateway level; Transition to Industry 4.0 – Assistance with digital transformation and building end-to-end services for on-premises and cloud analytics; Cloud Integration – Support for proven cloud storage and processing platforms; Data flow transparency – One-way data transmission through KISG 100 and centralised monitoring of all KISG 1000 events. Kaspersky enables the building of end-to-end services with cloud-based analytics applications, collects more information from equipment than traditional control systems, performs critical functions even in hostile environments and protects data from compromise.
Kaspersky's product is built on Siemens SIMATIC IOT2040 or Advantech UTX-3117 hardware, enabling secure data collection and transfer from industrial equipment to cloud platforms through the OPC UA protocol. Designed for digital transformation in industrial companies, it includes a gateway with data protection and monitoring features, based on Advantech UTX-3117 and using MQTT over TLS. Kaspersky Security Centre serves as a centralised platform for configuring and monitoring gateway events. Together, the two products safeguard IoT infrastructures at the gateway level, providing unified monitoring and event management through a single console.
The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government Agencies, Telecommunications, Industrial and Healthcare. This aggregates data collected via different protocols (Zigbee, LoRa, Modbus, CanBus, PROFINET, OPC UA, etc.), and converts it for transmission over cellular networks and Ethernet (MQTT, CoAP, AMQP, XMPP). In addition, it not only collects, checks and distributes telemetry, but also transmits control commands received via MQTT to devices. The system performs security functions, such as device detection and classification, logging security events in IoT systems and protection from network attacks (IDS / IPS). The product can be used as a security gateway — a specialised border network solution for protection of IoT and IoT infrastructure from hacker attacks. In addition, it is possible to configure it for particular needs, as well as add new functions from partner products.
OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, protects public and private sector organizations and enterprises with an end-to-end cybersecurity platform that secures their complex networks, critical devices, and ensures compliance.
OPSWAT protects the world’s critical infrastructure with its end-to-end MetaDefender cybersecurity platform, providing multiple lines of defense across all levels of IT and OT systems. Its growing portfolio of products and solutions solves a wide spectrum of specific customer challenges across critical networks, including application security, supply chain security, network infrastructure, endpoint management, security operations, cloud security, email security, and OEM & SDK.
OPSWAT utilizes advanced prevention technology to protect against known and unknown threats. Deep CDR ensures file protection through sanitization and reconstruction. Multiscanning utilizes 30+ anti-malware engines, detecting over 99% of malware with signatures, heuristics, and ML. Proactive DLP prevents data leaks by checking files pre-transfer. Next-Gen Sandbox analyzes files/URLs and focuses on IOC extraction & Rapid Dynamic Analysis for targeted attack detection. The Threat Intel platform gathers global device data, creating a cloud-based security database. File-Based Vulnerability Assessment detects app and file-based vulnerabilities pre-installation. Country of Origin Detection automates binary scans for software publisher identification.
OPSWAT has a prominent presence in the Asia Pacific region, and its solutions are widely adopted in banking, finance, healthcare, government, manufacturing, and technology sectors, leading to bolstered cybersecurity defenses, minimized data breach risks, and better compliance with industry regulations.
Claroty empowers industrial, healthcare, and commercial organizations to secure cyber-physical systems (CPS): the Extended Internet of Things (XIoT). We integrate with customers’ existing infrastructure to provide full visibility, asset and change management, risk and vulnerability management, network protection, threat detection, device efficiency, and secure remote access controls.
The XIoT’s rapid growth is causing organizations to rely on more CPS that are more diverse, interconnected, and exposed to more risks than ever. Tackling these risks requires specialized technology fueled by deep expertise in ALL types of CPS: OT, IIoT, IoT, IoMT, BMS, etc. Unlike offerings that are either generalized or solely OT- or IoMT-focused, Claroty acquired Medigate to truly tackle the XIoT’s risks by combining Claroty’s OT, IIoT, & BMS technology with Medigate’s IoT & IoMT technology. This enables Claroty to fully support customers’ needs now and in the long haul as they evolve.
Only Claroty offers equally robust-yet-scalable SaaS and on-premise options, five asset discovery methods that can be mixed/matched to enable customers to achieve full XIoT visibility, unmatched coverage of 450+ protocols to ensure even the most obscure CPS are identified & protected, the only fully integrated secure remote access solution for XIoT environments, and a vast technical ecosystem that enables customers to extend their existing tools and workflows XIoT-wide. Our portfolio is the broadest & deepest and adapts to each customer’s unique needs and environment throughout their entire XIoT cybersecurity journey — no matter their maturity, network architecture or regulatory environment.
Claroty’s customer base in APAC includes Coca-Cola EuroPacific Partners (Australia, Pacific, Indonesia), BHP, IRPC Public Company Limited, Aboitiz Power, and 100+ others spanning Automotive, Chemicals, Consumer Products, Electric, Food & Beverage, Healthcare, Heavy Industry, IT Hardware, Mining & Materials, Oil & Gas, Pharmaceuticals, Transportation, and Water & Waste. Recently, Claroty expanded the FOCUS Partner Program, adding several Managed Security Service Providers (MSSPs) including IBM, NTT Data, Cabrini Technology Group, LAC Co. Ltd., and Vector Technology Solutions. Specifically, Claroty was selected by Cabrini Technology Group, the largest medical technology service provider in Australia and New Zealand, to enhance their specialised biomedical managed services portfolio and add critical medical device cybersecurity capabilities to address the growing threats within healthcare environments. Also recently, Claroty worked with a leading Australian food and beverage manufacturer to bolster their IT/OT cybersecurity posture. Claroty implemented a solution that adheres to the NIST Framework and implements the MITRE ATT&CK framework to provide real-time threat detection, with the ability to integrate into the client’s wider IT network team for alerting and monitoring. The implementation across four sites in Australia provides the customer with end-to-end visibility and is part of a global rollout that includes six more sites in Australia.
ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. The company’s Reveal(x) 360™ platform is the only network detection and response (NDR) platform that delivers the 360-degree visibility needed to quickly identify and respond to suspicious threats.
As 98% of companies expect to use multiple public clouds, they are challenged with monitoring every workload across each environment to minimize gaps in their coverage. Reveal(x) 360 ingests, monitors, and analyzes network data - which can’t be compromised by attackers unlike endpoints and logs - to eliminate blind spots in the network where adversaries hide. This visibility empowers security teams to detect and mitigate security risks with ease. It also removes the friction caused by data silos between security and IT teams who need to collaborate to provide a safe, reliable digital workspace.
ExtraHop’s AI leverages massive amounts of compute and continuously updates models to make its detections precise and uniquely reliable, yielding high-fidelity alerts to keep security teams focused on the highest-risk threats first. ExtraHop is the only NDR platform that has the ability to natively decrypt SSL/TLS traffic. Reveal(x) 360 can extract all relevant contextual data providing unparalleled security deductions and visibility into organizational traffic. ExtraHop partners with 30+ technology organizations such as CrowdStrike, Splunk, and Palo Alto, allowing users to integrate the network intelligence capabilities of Reveal(x) 360 into other security applications, enhancing their security stacks.
Leading financial institutions in the Asia Pacific region deploy Reveal(x) 360 to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and the transition to zero trust. Because of regulations, multiple networks within the same financial institution tend to be isolated from each other, making it difficult to see what is happening - or who is hiding - in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, on-premises and colocation data centers, and remote sites, so they can catch cyberattacks before it’s too late. ExtraHop is also helping customers accelerate zero trust adoption by enhancing the IT visibility they need to get going. With an effective ZT strategy, users and devices must be dynamically and continuously authenticated and verified, with access to resources restricted according to least privilege principles. With Reveal(x), financial institutions can continually monitor and safeguard network traffic, validate policy enforcement, and support enhanced collaboration between traditionally siloed teams.
CrowdStrike's Cloud-Native Security solution is a comprehensive platform designed to protect cloud environments from advanced cyberthreats. It leverages AI-driven threat intelligence, behavioral analytics, and real-time endpoint protection to detect and block attacks in the cloud, ensuring organizations can secure their data, applications, and workloads effectively.
CrowdStrike's cloud-native security solution focuses on real-time threat detection to identify and block advanced cyberthreats, ensuring protection against sophisticated attacks that can target cloud environments. The solution aims to bolster endpoint security, safeguarding critical data and applications from breaches and unauthorized access. By providing actionable intelligence through AI-driven threat analysis and behavioral analytics, it helps organizations proactively defend against emerging threats. Ultimately, the solution aims to mitigate risks related to data breaches, cyber espionage, ransomware, and other malicious activities, while ensuring a secure and resilient environment for businesses in the face of evolving cyber challenges.
CrowdStrike's Cloud-Native Security solution deploys cutting-edge technologies and innovations, including AI (Artificial Intelligence) and ML (Machine Learning) algorithms, to deliver real-time threat detection and behavioral analysis. It leverages cloud-based architecture for scalability and flexibility in protecting cloud environments. The solution employs advanced endpoint protection to defend against cyber threats. Additionally, network analytics and behavioral tracking enable proactive security measures. Integration of threat intelligence and continuous monitoring further enhance our capabilities, ensuring organizations in the APAC region benefit from a comprehensive and dynamic security approach to combat advanced cyberattacks.
CrowdStrike deploys its cloud-native security solution in the APAC region for a wide range of organizations, including multinational corporations, government entities, financial institutions, healthcare providers, technology firms, educational institutions, and e-commerce businesses. The solution offers real-time threat detection, advanced endpoint protection, and actionable intelligence to defend against cyber threats, tailored to meet the unique challenges faced by organizations in the region. Leveraging AI and behavioral analytics, it aims to secure critical data, applications, and workloads, ensuring a resilient digital environment in the APAC region, with the largest users in Australia and India. Examples include Telstra and Jemena.
Hillstone Networks’ Integrative Cyber Security approach delivers coverage, control, and consolidation to secure digital transformation for more than 26,000 enterprises worldwide. Hillstone Networks is a trusted leader in cyber security, protecting enterprise critical assets and infrastructure, from edge to cloud, regardless of where the workload resides. Learn more at www.hillstonenet.com.
Security is the primary concern in the cloud. 25% of IT decision-makers report challenges around securing cloud resources, according to a report by Expert Insights. This is due to the lack of visibility of internal traffic and threats, lack of security workloads that rely on East/West traffic, and lack of scalability of security services in the cloud. Key challenges in cloud security include unauthorized access as cybercriminals target vulnerabilities to access confidential data; compliance and regulatory concerns associated with data breaches; data loss and recovery due to ransomware or other malware; and insufficient visibility and control to protect cloud workloads.
Hillstone Networks CloudHive solution addresses the gaps in cloud security with a robust platform based on its award-winning, AI-driven intelligent next generation firewall solution. CloudHive is a robust micro-segmentation solution for the private/public cloud, or the virtual environment. It can integrate seamlessly into both VMware and OpenStack ecosystems and provide granular visibility into North/South and East/West data center traffic. It operates on the least-privilege concept of ZTNA and blocks unauthorized lateral movements that can be part of multilayer, multistage attacks. The micro-segmentation capability in CloudHive is available due to patented traffic steering technology.
In a strategic move to fortify the security of their private cloud, a prominent commercial banking entity undertook the deployment of Hillstone CloudHive's cutting-edge micro-segmentation solution. Safeguarding the integrity of sensitive customer data stands paramount for this institution, which boasts two expansive data centers within the region. This comprehensive implementation effectively partitions and shields critical customer information, aligning seamlessly with their stringent adherence to local and regional financial regulations. Within their robust private cloud infrastructure, the banking institution has successfully demarcated production and development spheres, a vital necessity in their financial operations. This segregation extends further, selectively accommodating security services for designated services within the production environment. The judicious adoption of Hillstone CloudHive not only empowers micro-segmentation in their primary VM-based data center but also serves as an instrumental conduit in upholding their compliance obligations. In navigating the intricate landscape of modern financial services, the bank finds its operations fortified and its customer data inviolably shielded by this strategic alliance with Hillstone Networks' innovative solution.
Zscaler's Cloud Security is a comprehensive cybersecurity platform that delivers protection to organizations by routing their internet traffic through their global cloud infrastructure. It ensures secure and efficient access to applications and data, offering advanced threat detection, data loss prevention, and secure web gateways, without the need for on-premises hardware.
Zscaler's Cloud Security solution protects against advanced cyberthreats like malware, ransomware, and phishing attacks that target cloud-based applications and data. It also focuses on securing remote and mobile users, ensuring their safe access to corporate resources from any location. Zscaler seeks to prevent data breaches and data loss by implementing data privacy controls and encryption measures. Additionally, the solution helps organizations comply with regional data regulations and industry standards. By routing internet traffic through their global cloud infrastructure, Zscaler ensures secure and efficient access to applications while mitigating potential risks associated with traditional on-premises security architectures.
A leader in zero trust security and cloud-based cybersecurity solutions, Zscaler uses various innovative technologies to provide comprehensive and consistent protection for users, workloads, devices, and data across different environments. Zero Trust Exchange is a cloud-native platform that connects authorized users, devices, and workloads to applications and data using business policies, without exposing them to the internet or networks, to prevent unauthorized access, lateral movement, and cyberattacks, and enables fast and reliable performance. Zscaler uses ML and AI to enhance its data processing and analysis capabilities. Zscaler recently announced industry-first innovations that revolutionize how organizations classify and protect data. These include AI-powered data loss prevention (DLP), cloud access security broker (CASB), browser isolation, and secure web gateway (SWG) solutions that operate at cloud scale and provide holistic intelligence for data security.
Zscaler's Cloud Security solution is deployed by a diverse range of organizations in the Asia-Pacific (APAC) region, including large enterprises, SMBs, government agencies, and educational institutions. It offers scalable, flexible, and easy-to-manage security for distributed workforces and branch offices. With advanced threat protection and compliance support, it addresses the unique cybersecurity challenges faced by APAC businesses across various industries.
Viettel Cyber Security (VCS), a branch of Viettel Group – The largest telecommunications group in Vietnam, develops and provides information security solutions and services for domestic and foreign organizations and enterprises. In 2016, VCS first introduced Managed Security Service which provides comprehensive information security solutions along with best-of-breed security capabilities.
VCS addresses diverse security issues such as cyber threats, vulnerability management through assessments and testing, incident response for attack containment and recovery, real-time monitoring at our SOC, compliance with regulations, and security awareness training. Our Managed Security Services leverage global threat intelligence and advanced analytics to detect cybersecurity attacks by performing round-the-clock security monitoring. Our dedicated in-house security experts implement purpose-built security platforms on premise and cloud to keep pace with the rapidly changing security landscape by leveraging the advantage of the largest ISPs in Vietnam and other South East Asia countries.
VCS applies various advanced technologies and innovations to its solutions and services. These include advanced network analytics, artificial intelligence (AI), machine learning (ML), and threat intelligence. Network analytics helps in monitoring and analyzing network traffic for detecting security incidents. AI and ML are utilized for threat detection, anomaly detection, and predictive analysis. Our in-house built technology solutions boosted our Managed Security Service capabilities to the next level. We implement an all-in-one security operation platform providing Next-gen SIEM, SOAR and Global Threat Intelligence to simplify cyber security operation, lowering mean time to detect and respond.
Viettel Managed Security Service is the top MSS provider in Vietnam with a wide range of customers including banking, financial services, telecommunications, airlines and government. For 5 years, our service reached 10-million-dollar annual revenue in 2020 and is one of the fastest growing APAC countries in cyber security investment. We mitigate 10 million security threats per year with more than 200 cybersecurity experts. Over 8 trillion logs have been analyzed annually with 19,000 devices monitored in 11 countries in the Asia Pacific region. In healthcare, we address industry-specific challenges and defend against threats. Notably, a major bank witnessed reduced cyber-attacks and data breaches through our comprehensive solutions, reinforcing trust, safeguarding financial information, and preserving reputation.
Ensign InfoSecurity offers end-to-end cybersecurity services in Asia and beyond. We provide cybersecurity advisory and assurance services, architecture design and systems integration services, and managed security services for advanced threat detection, threat hunting, and incident response. We are currently ranked 6th in a worldwide survey of MSSPs.
Ensign InfoSecurity’s Managed Security Services (MSS) integrates proprietary AI-Powered Cyber Analytics to combat cyber threats effectively. Its key features include training on large, anonymised datasets, as well as leveraging expert-driven insights and the MITRE ATT&CK framework to detect sophisticated attacker behaviours. Delivered via ISO27001-certified EnSOCs, our services offer real-time threat detection and continuous monitoring for on-premises and hybrid cloud environments, to proactively identify and mitigate cyber threats. To enhance overall security posture and protect against potential vulnerabilities of organisations, we offer Advanced Threat Detection, Core Managed Security Services, and Cloud Security Services, optimising cyber capital expenditure while safeguarding digital assets.
Ensign InfoSecurity deploys a combination of advanced technologies and innovations in its managed security solution. This includes leveraging network analytics to monitor and analyze network traffic for potential threats. They also employ Artificial Intelligence (AI) and Machine Learning (ML) algorithms to enhance threat detection capabilities, identify patterns, and predict potential cyberattacks. Additionally, Ensign may use blockchain technology to secure critical data and transactions. These cutting-edge technologies, along with their skilled cybersecurity experts, enable the company to deliver proactive and effective security measures, ensuring robust protection against ever-evolving cyber threats.
Ensign provides MSS to government agencies, financial institutions, healthcare providers, TMTs, enterprises etc.
Pharmaceutical-related products company: We are unable to provide customer details due to confidentiality agreement.
Challenges:
• Shortage of skilled cybersecurity resources for monitoring critical networks.
• Increasingly sophisticated cyber threats demanding advanced tools and expertise for detection and mitigation.
• Ensuring secure access management for confidential information like R&D data to preserve business integrity.
Solution:
• Enhanced threat detection and response capabilities.
• Improved security measures to safeguard confidential R&D information.
• Preemptive and proactive threat detection to prevent harm to the organisation.
• Deployment of Privileged Access Management solution to counter external and internal threats.
• Implementation and management of an Intrusion Prevention System to detect and prevent vulnerability exploits.
• 24/7 security incident monitoring services with automation and intelligence for faster threat detection and investigation.
Results:
• Enhanced threat detection and response capabilities.
• Secured confidential information, including R&D materials.
• Preemptive and proactive detection of threats before they cause harm to the organisation.
• Improved cyber maturity, enabling detection and response to advanced threats.
• Reduced capital costs by outsourcing security operations.
• Enabled the company to focus in-house resources on critical business initiatives.
CylanceGUARD is BlackBerry’s 24x7 managed detection and response (MDR) service, underpinned by the company’s advanced Cylance AI engine. It offers BlackBerry’s best cyber experts on a subscription-model, teamed with secure Critical Event Management (CEM), CylanceENDPOINT for endpoint protection (EPP) and endpoint detection and response (EDR) for a prevention-first cybersecurity approach.
Most companies, large and small, are experiencing a similar challenge when it comes to cybersecurity - exploding cyberattacks and a shortage of skilled IT/cybersecurity staff. Heavy industries with combined legacy OT and connected environments, such as manufacturing, are especially facing challenges, with an expanding attack surface becoming more enticing for threat actors. Amid escalating cyber threats, air-gapping, signature-based antivirus, and in-house monitoring and management are no longer sufficient. BlackBerry CylanceGUARD provides enhanced visibility and security against both current and future cyber threats, whether online or offline, and augments internal IT/security teams with highly-trained BlackBerry cyber-experts to close the skills gaps.
CylanceGUARD offers trained threat prevention experts on a subscription-based model. Backed by Cylance AI solutions and real-time threat intelligence, CylanceGUARD augments internal teams and supports organisations without the right expertise. BlackBerry AtHoc (CEM) integration helps coordinate responses with clear communications. It offers 99.5% alert management efficiency, stops attacks with a 5-year advantage, reduces alert fatigue by 90%, and stops 36% more novel attacks 12 times faster (w/20 times less resources) than other vendors. A Tolly report showed CylanceENDPOINT achieved a market-leading 98.9% detection rate for both online and offline tests, using just 5% of CPU (other solutions required 100% CPU utilization).
Like many manufacturers, Singapore-headquartered manufacturer of precision plastic components Sunningdale Tech Ltd balances new systems and IoT devices with the old, including utilizing outdated hardware and software, making OT distinctly vulnerable. Recognizing the need for a new approach to cybersecurity, Sunningdale set out in search of a full MDR solution, deploying BlackBerry’s CylanceGUARD to ensure continuous protection against online, offline, and air-gapped environment attacks. From its Singapore headquarters, Sunningdale manages more than 8,000 staff worldwide, making it difficult to manage and secure multiple operational environments. CylanceGUARD provides Sunningdale with access to trained threat prevention experts on a subscription-based model, and includes CylanceENDPOINT. Despite its complex IT and OT environments, Sunningdale was able to deploy BlackBerry’s integrated security solution across the entirety of its global manufacturing infrastructure. Deployment of BlackBerry’s integrated Cylance solutions almost immediately reduced Sunningdale’s security alerts from 20,000 per day to fewer than ten, freeing up time for them to better focus on core competencies while looking out for lurking cyber threats. In addition to enhanced visibility and security across the manufacturing floor, access to BlackBerry’s team of seasoned cybersecurity professionals enabled Sunningdale to empower in-house cyber awareness and achieve a self-defending factory floor.
Sophos MDR is a fully managed 24/7 vendor agnostic service delivered by experts who detect and respond to cyberattacks targeting computers, servers, networks, cloud workloads, email accounts, etc, preventing threats from disrupting business operations or compromising sensitive data. Sophos MDR is currently used by more than 17,000 organisations worldwide.
Sophos aims to empower businesses in the APAC region by offering expertly managed cybersecurity services, enabling them to focus on their core operations while having the confidence that their digital environments are well-protected and resilient against potential security risks. Sophos' Managed Detection and Response (MDR) solution provides proactive protection against evolving cyber threats, detects and mitigates advanced malware and ransomware attacks, prevents data breaches and unauthorized access to sensitive information, offers real-time threat intelligence to stay ahead of emerging threats, and ensures compliance with industry regulations and data protection standards.
Sophos' MDR uses advanced technologies like artificial intelligence (AI) and machine learning (ML) for threat detection, network analytics to identify anomalies, behavioral analysis to detect insider threats, and real-time threat intelligence to stay ahead of emerging risks. With cloud security and endpoint protection, the solution comprehensively safeguards organizations in the APAC region, offering proactive defense against cyber threats, data breaches, and ensuring compliance with industry regulations.
Sophos' MDR solution delivers expertly managed security services to a diverse array of organizations in the APAC region. This offer provides cybersecurity as a service to small- and medium-sized enterprises (SMEs) without dedicated IT security teams, large enterprises with complex networks, government agencies, healthcare institutions, financial firms, educational organizations, and retail and hospitality outfits. Sophos MDR provides these organizations with tailored and scalable protection against evolving cyber threats, encompassing proactive monitoring, threat detection, incident response, and ongoing security maintenance allowing organizations to focus on their core operations while enjoying peace of mind, knowing their critical assets and sensitive data are fortified against potential attacks.
Secure Internet browsing allows a secure, fast and private internet browsing experience with the industry’s first in-browser protection to inspect 100% of SSL traffic. Check Point Harmony Email enables complete protection for Office 365 and G Suite, blocking out sophisticated phishing attacks and malware, protecting sensitive business data, and preventing account takeover.
Protecting today’s hyper-distributed workspace requires endless security functions across user devices, applications, and networks. Over 90% of attacks against organisations start from a malicious email and 75% of ransomware attacks are email-borne. Email is the first link in a chain of attacks, and with remote working, the use of cloud mailboxes and collaboration apps has increased exponentially. Check Point Harmony Email & Collaboration provides organisations with complete, full-suite protection that is constantly adapting and evolving to the ever-changing threat landscape, while providing security admins with an easy-to-deploy and manage platform, making your security offerings easy and efficient.
Check Point Harmony Email & Collaboration (HEC) provides complete protection for Microsoft 365, Google Workspace and all your collaboration and file-sharing apps. This solution is designed specifically for cloud email environments and is the only solution that prevents, not just detects or responds to, threats across inbound, outbound and internal communications, in real-time, before they reach end-users. Leveraging artificial intelligence and machine learning, analysing 300+ indicators of phishing and ingesting data from ThreatCloudAI, Check Point’s dynamically updated service based on an innovative global network of threat sensors, HEC reduces phishing reaching the inbox by 99.2%.
Check Point has deployed this solution across a wide range of industries in APAC, including telecommunications, media, manufacturing, entertainment, and tech companies. One of these deployments is at M1, Singapore’s first digital network operator. Using Check Point Harmony email and office solution, M1 was able to protect all of its endpoints, fixed and mobile, against the most imminent threats, such as phishing, ransomware, and malware. If ransomware strikes, Check Point autonomously detects and responds to shut it down and remediate data. The full case story can be found here: https://www.checkpoint.com/downloads/customer-stories/m1-customer-case-study.pdf
Barracuda Email Protection provides comprehensive protection against 13 email threat types, from spam and ransomware to socially engineered threats like spear phishing and business email compromise. It combines gateway and API-based AI technology to detect and remediate threats, and integrates directly into Microsoft 365 to find threats inside users’ mail systems.
Email remains the top threat vector to organizations as research finds that 75% of the organizations surveyed for the report had fallen victim to at least one successful email attack in the last 12 months. Barracuda Email Protection addresses various email-borne threats. These include mitigating the risk of social engineering attacks, preventing malware and ransomware through email, identifying and blocking spam emails, and protecting against email-based data breaches. The solution also focuses on detecting and blocking advanced email threats such as spear-phishing and business email compromise (BEC) attacks, providing organizations with comprehensive email protection to safeguard their business and data.
Barracuda Email Protection incorporates various technologies and innovations to ensure efficient email security. These include API-based artificial intelligence (AI) technology to detect signs of social engineering attacks and attacks launched from compromised accounts. Its AI capability integrates directly into Microsoft 365 and can automatically predict which employees are likely to be targeted so organizations can tailor specialized security awareness training and prevent damage from human error. Its DMARC capability provides granular visibility and helps minimize false positives, protect legitimate email, and prevent spoofing. It also includes Zero Trust Access capability for phishing protection and threat blocking at the device level.
Barracuda has successfully deployed its solution/services across diverse industries and organizations in the Asia Pacific region. One of its customers, Avalon Biomedical Group, a group of companies headquartered in Hong Kong focused on developing next-gen healthcare solutions, was frequently targeted by sophisticated phishing email and impersonation attacks, and thus decided to deploy Barracuda solutions to get AI-based protection against phishing and account takeover. The deployments have yielded significant achievements. Firstly, organizations have witnessed enhanced security by effectively countering email threats. The company saw a drop of more than 50% in attempted phishing, fraud, and account takeover attacks, and a significant overall improvement in email security. It also gained enhanced visibility into vulnerable users, the origins of email threats and their tactics, and its overall security posture with the analysis report. Additionally, the API-based architecture provides direct connectivity to Microsoft 365. The ease of use reduced Avalon’s IT administration time and cost, which freed the team to focus on other projects. Most importantly, it eased security concerns about data breaches and helped the company meet compliance requirements.
Proofpoint Browser Isolation safeguards users against sophisticated threats in both corporate and personal settings. By isolating browser sessions in a secure container, the solution enables safe access to websites and email, protecting against malware and malicious content while preventing data loss. It addresses security, productivity, and privacy concerns related to targeted phishing attacks and risky web usage, and its easy deployment and management make it user-friendly.
With the rise of attackers targeting specific individuals through phishing emails, additional adaptive controls were needed to protect the most vulnerable individuals within the organisation. Proofpoint’s Browser Isolation addressed this concern by protecting users from malicious web-based content, including high-risk URLs from unknown sources, social networks, and online cloud applications. The integration with Proofpoint Targeted Attack Prevention (TAP) further enhanced security by providing real-time phishing detection and scanning, along with visibility and risk tracking through the TAP dashboard.
Proofpoint’s Browser Isolation employs sandboxing technology, which isolates the web browser from the operating system, ensuring that any malicious activity within the browser environment cannot impact the outside system. Cloud-based applications like Office 365, Gmail, and JavaScript-based games execute within the isolated browser environment. Instead of running processes locally, the solution executes all browser activities on a remote cloud server, preventing malware and client-side malicious code from affecting the user's local device and network. This innovative approach allows users to securely access the internet without exposing their devices to sophisticated threats and vulnerabilities, such as those found in traditional browsers with support for plugins like Adobe Flash.
Many regulated companies, like those in the healthcare industry, grapple with the challenge of granting employee internet access while ensuring data privacy. Restricting personal internet use can lead to complaints, but allowing free access exposes the company to cybersecurity risks and potential breaches. Proofpoint's Browser Isolation provided an optimal solution by allowing secure internet access and personal email viewing while protecting corporate security. Web traffic is directed into a container, isolating any unapproved sites or emails to prevent threats. This implementation reduced potential security breaches and saved the IT team time spent investigating compromised accounts. Browser Isolation has become a crucial tool in safeguarding against phishing attacks and ensuring employees' safety and productivity.
ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. The company’s Reveal(x) 360™ platform is the only network detection and response (NDR) platform that delivers the 360-degree visibility needed to quickly identify and respond to suspicious threats.
Adversaries can evade traditional perimeter-based defenses like EDR and SIEM solutions, and organizations need full visibility into their network to eliminate threats. Reveal(x) 360 ingests, monitors, and analyzes network data - which can’t be compromised by attackers unlike endpoints and logs - to eliminate blind spots in the network where adversaries hide. This visibility empowers security teams to detect and mitigate security risks with ease. The platform helps enterprises detect threats 83% faster and stop threats 87% faster with cloud-scale AI that delivers detection and response from core to cloud to edge.
ExtraHop’s AI leverages massive amounts of compute and continuously updates models to make its detections precise and uniquely reliable, yielding high-fidelity alerts to keep security teams focused on the highest-risk threats first. ExtraHop is the only NDR platform that has the ability to natively decrypt SSL/TLS traffic. Reveal(x) 360 can extract all relevant contextual data providing unparalleled security deductions and visibility into organizational traffic. ExtraHop partners with 30+ technology organizations such as CrowdStrike, Splunk, and Palo Alto, allowing users to integrate the network intelligence capabilities of Reveal(x) 360 into other security applications, enhancing their security stacks.
Leading financial institutions in the Asia Pacific region deploy Reveal(x) 360 to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and the transition to zero trust. Because of regulations, multiple networks within the same financial institution tend to be isolated from each other, making it difficult to see what is happening - or who is hiding - in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, on-premises and colocation data centers, and remote sites, so they can catch cyberattacks before it's too late. ExtraHop is also helping customers accelerate zero trust adoption by enhancing the IT visibility they need to get going. With an effective ZT strategy, users and devices must be dynamically and continuously authenticated and verified, with access to resources restricted according to least privilege principles. With Reveal(x), financial institutions can continually monitor and safeguard network traffic, validate policy enforcement, and support enhanced collaboration between traditionally siloed teams.
Illumio, the Zero Trust Segmentation Company, stops cyberattacks from spreading across organizations to dramatically reduce their impact. Illumio visualizes all traffic flows between workloads, devices, and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks.
When breaches happen, it’s usually not the initial entry that causes the most damage, it’s when the attacker can move throughout an organization that leads to outages and compromised data. This is the problem that Zero Trust Segmentation (ZTS), a technology category created and pioneered by Illumio, is designed to solve. ZTS stops the spread of breaches by isolating workloads and devices across clouds, data centres, and endpoints. Think of it like a submarine – if the boat springs a leak, a compartment or segment may flood, but the rest of the ship stays dry, secure, and afloat.
Cybersecurity has never been more challenging. The attack surface is expanding as users work from anywhere, and attack types are changing. Despite increasing investment in traditional endpoint security solutions, breaches are still happening. Illumio reduces the risk and impact of breaches through proactive host-based segmentation to prevent attackers or ransomware from propagating. It follows workloads or devices regardless of the changes in the environment, using segmentation to prevent bad actors from moving deeper into an organization’s network after an initial breach. By preventing lateral movement, organizations can isolate attacks to a single device, even before it is detected.
The Illumio ZTS Platform has been deployed across many industries across APAC, including manufacturing, aviation, banking and insurance, energy and utilities, natural resources, education & technology. The global airline Cathay Pacific wanted to tighten internal security controls. Their IT infrastructure is complex, with over 3000 servers and 600 applications running across on-premises and multi-cloud environments. The real-time application dependency map from Illumio enabled Cathay to see all connections between servers and applications. With this capability, the Cathay team understood what needed to be protected and could take immediate action on flows to block or authorize them. The ability to run policies in test mode before going into enforcement played an essential role in the success of Cathay’s deployment. This fostered ongoing collaboration between infrastructure and security teams and application owners. In addition, Cathay needed to meet its PCI compliance requirements, to ensure that customer credit card data is protected. They installed Illumio on over 1,000 workstations to instantly secure data in motion. The alternative was installing dozens of data center firewalls in Cathay’s call center offices, amounting to an estimated $5M expense. With far less effort and spending, Cathay is well on its way to PCI peace of mind.
HPE Aruba is the global leader in wired, wireless, and SD-WAN solutions that use AI to automate and secure the network from edge to cloud, integrated and managed from a single pane of glass.
HPE Aruba solves today’s growing security challenges by providing an edge-to-cloud security solution based on two trusted frameworks – Zero Trust and SASE. We implement robust authentication and encryption mechanisms, threat detection and prevention systems, and security analytics tools – with emphasis on securing wireless networks, mitigating risks associated with mobile devices, and providing secure remote access solutions. The goal is to ensure the confidentiality, integrity, and availability of network resources, safeguard sensitive data, and defend against emerging security threats. Aruba Central is a cloud-based network management and monitoring solution for Aruba switches, SD-WAN gateways and Instant Access Points.
Aruba leverages various technologies and innovations to secure networks from edge to cloud. These include advanced network analytics to gain insights into network performance and security threats, enabling proactive monitoring and troubleshooting. We utilize artificial intelligence (AI) and machine learning (ML) algorithms for intelligent threat detection, anomaly detection, and behavior analysis. Aruba also incorporates blockchain technology for secure identity and access management. Additionally, we integrate cloud-based solutions to provide scalable and flexible networking capabilities. These technologies collectively empower us to deliver robust, intelligent, and secure networking solutions to our customers.
Educational institutions in the Asia Pacific have deployed Aruba's networking solutions to create robust and secure campus-wide networks. These deployments have facilitated seamless connectivity for students and staff, supported e-learning initiatives, and provided reliable internet access across multiple devices. For instance, a university in Singapore implemented Aruba-HPE's wireless infrastructure to enhance their campus Wi-Fi coverage and capacity. With the solution's advanced network analytics and AI-driven capabilities, the university's IT team gained insights into network performance and user behavior, allowing them to optimize network resources and troubleshoot issues proactively. The solution's security features, including strong authentication and encryption mechanisms, protected sensitive research and student data, preventing unauthorized access and cyber threats.
Hillstone Networks’ Integrative Cyber Security approach delivers coverage, control, and consolidation to secure digital transformation for more than 26,000 enterprises worldwide. Hillstone Networks is a trusted leader in cyber security, protecting enterprise critical assets and infrastructure, from edge to cloud, regardless of where the workload resides. Learn more at www.hillstonenet.com.
Data drives the business and data is now generated, processed, and analyzed everywhere. This triggers one of the key challenges: an exponential growth in network traffic, making it more challenging to monitor and protect the network effectively. Complexity is another issue. IT is now expected to support applications and services that have varying network requirements. Advanced threats are a constant challenge and malicious actors are laser focused on finding vulnerabilities in the network and in the applications themselves. Cost is a constant issue: Data centers require significant investments in hardware, software, and the appropriate security skills.
Hillstone Networks’ award-winning NGFW family of products, with multiple consecutive years in the Gartner Magic Quadrant for Network Firewalls as a Visionary and Leader, delivers a fully distributed architecture and patented Twin-mode solution with benefits that include:
• Intelligent iQoS based on granular application identification and nested user identification.
• Comprehensive VPN Solution, complete with standard IPSec VPN and the third generation SSL VPN and distinctive PnP VPN, simplifying configuration and maintenance.
• Full L2-L7 security.
• ML-based Intelligent Threat Detection and Protection that builds, trains, and updates the detection model in real time to better detect and defend against Detection Generation Algorithm.
Hillstone Networks has successfully implemented its NGFW platform across various industries and organizations in the Asia Pacific region, including financial services, telecommunications, healthcare, government, and education. Recently, Hillstone Networks undertook a significant NGFW project for a government body, involving the establishment of a new headquarters building and a state-of-the-art data center. The customer required a new network setup and configuration, along with a robust network security infrastructure. Regarding the new headquarters building and data center, the customer encountered challenges while designing an office network that could provide ample security protection capabilities. Throughout the Proof of Concept (POC) phase, Hillstone Networks furnished firewall performance details to ensure compatibility with the customer's demanding requirements, all while adhering to their budgetary constraints. Additionally, Hillstone Networks demonstrated its capacity to comply with stringent corporate rules and regulations. Following a successful and productive POC period, the customer selected Hillstone Networks as their security provider of choice. This decision was influenced by Hillstone's ability to meet all project requirements comprehensively. Hillstone's NGFW solution not only met the customer's needs but also delivered a superior Total Cost of Ownership (TCO), cementing their satisfaction with the chosen solution.
Keysight's Network Security solution is a comprehensive suite of tools and technologies designed to protect and monitor networks against cyberthreats. It offers advanced threat detection, real-time analysis, and proactive defense measures to ensure the security and integrity of data and communication within the network infrastructure.
Keysight's Network Security solution aspires to provide organizations with the necessary tools and capabilities to proactively defend against evolving cyberthreats and maintain a robust and secure network environment. It helps with identifying and mitigating advanced cyberthreats such as malware, ransomware, and data breaches. The solution also focuses on detecting and preventing unauthorized access and intrusions into networks, safeguarding sensitive information and critical assets. Additionally, it helps in enhancing overall network visibility, performance, and resilience – ensuring compliance with industry regulations and best practices.
Keysight's Network Security solution deploys a range of cutting-edge technologies and innovations to bolster network protection. It leverages advanced network analytics to monitor traffic patterns and detect anomalies indicative of potential cyber threats. Artificial Intelligence (AI) and Machine Learning (ML) algorithms are employed for real-time threat detection, rapidly identifying and responding to security breaches. Additionally, behavioral analysis helps in recognizing abnormal user actions. Intrusion Prevention Systems (IPS) and Next-Generation Firewalls (NGFW) further fortify the network against attacks. Overall, these technologies synergize to provide proactive defense and comprehensive security for modern-day network environments.
Keysight, a global technology company, has deployed its Network Security solution across various industries in the Asia Pacific region, such as telecommunications, financial services, healthcare, government, education, and critical infrastructure. These industries face significant cybersecurity challenges, making Keysight's advanced network security offerings particularly relevant to safeguarding their networks, data, and operations against evolving cyber threats in the Asia Pacific region.
SonicWall is a global cybersecurity company focused on network security solutions. They offer advanced firewalls, secure mobile access, email and wireless security, and cloud-based solutions. SonicWall operates a global threat intelligence network, serving organizations of all sizes across diverse industries while safeguarding networks, data, and systems from cyberthreats.
SonicWall protects networks from advanced threats, including malware, intrusions, and unauthorized access. SonicWall focuses on ensuring secure connections for remote workers, addressing the security challenges associated with remote and mobile access, allowing organizations to embrace mobility and BYOD by enforcing context-aware policies to block unauthorized access, and to gain visibility into every connecting device for per-application access control. Our solutions provide secure access to data center or cloud resources while reducing IT costs. With our cloud-based security solutions, we cater to securing data and applications in public, private, and hybrid cloud environments.
SonicWall's network and mobile security solutions integrate cutting-edge technologies and innovations. Our solutions apply a patented single-pass Reassembly-Free Deep Packet Inspection (RFDPI) engine that can examine every byte of every packet, checking both inbound and outbound traffic simultaneously. Our patented technology employed at the application layer ensures granular visibility and control over mobile data. Real-time threat intelligence from a global sensor network is harnessed to enhance the solution's effectiveness. Our Capture Advanced Threat Protection (ATP) service is a cloud-based multi-engine firewall sandbox, which can detect and block zero-day and advanced threats using a new Real-Time Deep Memory Inspection engine. These technological advancements enable SonicWall to provide comprehensive mobile and network security from data centers to midsize organizations.
SonicWall has achieved successful deployments of its network and mobile security solutions in various industries and organizations throughout the Asia Pacific region, yielding significant results. In the banking and finance sector, SonicWall's network security appliances and threat intelligence capabilities have fortified cybersecurity defenses, effectively preventing unauthorized access and potential financial fraud. Healthcare organizations have benefited from SonicWall's network and mobile access solutions, which have safeguarded patient records, ensured data privacy, and facilitated compliance with healthcare regulations. Educational institutions in the region have embraced SonicWall's network security solutions to protect networks, resources, and student data, enabling enhanced visibility, control over network traffic, and effective mitigation of cyber threats. SonicWall's solutions have also been deployed in manufacturing companies to secure industrial control systems (ICS), resulting in increased operational resilience, minimized downtime, and safeguarding of valuable intellectual property. Overall, SonicWall's network and mobile security solutions have made a significant impact across various industries in the Asia Pacific region, enhancing cybersecurity, protecting sensitive data, ensuring regulatory compliance, and bolstering overall network and system security.
To ensure mobile security for over 15 million clients, VTB Bank has developed a technological ecosystem with Big Data and AI. It includes session and transaction monitoring, call number identifier in mobile networks and messengers, operation limit controls, and financial security education.
Today, the topic of cybersecurity takes the forefront in all sectors of the economy. According to the Central Bank of the Russian Federation, in 2022, the number of unauthorized financial transactions increased by 4.29% compared to 2021. Using developed algorithms, VTB Bank can not only track but also proactively warn customers about fraudulent activities, including phone and internet scams in social networks, websites, and other forms. Additionally, VTB conducts preventive measures against fraud, fostering collaboration between governmental and non-governmental organizations. The banking community and communication operators united to block phone and internet traffic.
To ensure mobile security, we implement user behavior session monitoring, transaction controls, and operations monitoring, alongside subscriber's anomalous activity tracking. For conducting and verifying operations, we adopt biometric identification and NFC technologies, integrating smart devices like smartwatches, bracelets, and voice assistant-enabled speakers. Our automated incoming number identifier with call recognition in mobile networks and messengers, along with operation limit controls and the educational track "Preventing Deception," prevent fraudulent fund misappropriation. Additionally, users can independently report fraudulent activities and provide data for subsequent blocking by communication regulators and operators.
We employ these solutions to safeguard VTB clients' funds. Best practices are extended to VTB Group's subsidiaries, both within and beyond the country. VTB operates in CIS countries, Asia, and Africa. In the Asia-Pacific region, VTB banks operate in China (Beijing), India (New Delhi), Singapore, and the UAE (Dubai). Thanks to the development of a cybersecurity technology ecosystem for the internet banking and mobile application, we managed to prevent 7-8 million attacks and save over 22 billion rubles (~$340 million) of client funds in 2022 solely within VTB Bank.
Zscaler's Cloud Security is a comprehensive cybersecurity platform that delivers protection to organizations by routing their internet traffic through their global cloud infrastructure. It ensures secure and efficient access to applications and data, offering advanced threat detection, data loss prevention, and secure web gateways, without the need for on-premises hardware.
Zscaler's Cloud Security solution protects against advanced cyberthreats like malware, ransomware, and phishing attacks that target cloud-based applications and data. It also focuses on securing remote and mobile users, ensuring their safe access to corporate resources from any location. Zscaler seeks to prevent data breaches and data loss by implementing data privacy controls and encryption measures. Additionally, the solution helps organizations comply with regional data regulations and industry standards. By routing internet traffic through their global cloud infrastructure, Zscaler ensures secure and efficient access to applications while mitigating potential risks associated with traditional on-premises security architectures.
A leader in zero trust security and cloud-based cybersecurity solutions, Zscaler uses various innovative technologies to provide comprehensive and consistent protection for users, workloads, devices, and data across different environments. Zero Trust Exchange is a cloud-native platform that connects authorized users, devices, and workloads to applications and data using business policies, without exposing them to the internet or networks, to prevent unauthorized access, lateral movement, and cyberattacks, and enables fast and reliable performance. Zscaler uses ML and AI to enhance its data processing and analysis capabilities. Zscaler recently announced industry-first innovations that revolutionize how organizations classify and protect data. These include AI-powered data loss prevention (DLP), cloud access security broker (CASB), browser isolation, and secure web gateway (SWG) solutions that operate at cloud scale and provide holistic intelligence for data security.
Zscaler's Cloud Security solution is deployed by a diverse range of organizations in the Asia-Pacific (APAC) region, including large enterprises, SMBs, government agencies, and educational institutions. It offers scalable, flexible, and easy-to-manage security for distributed workforces and branch offices. With advanced threat protection and compliance support, it addresses the unique cybersecurity challenges faced by APAC businesses across various industries.
SSH Privileged Access Management is a solution for centrally managing and securing SSH keys within organizations. It automates key provisioning, access control, and rotation, integrates with IAM systems, and enables monitoring and auditing for improved security and compliance. SSH Quantum Security defends an organization’s long-term secrets against the quantum threat with quantum-safe cryptography (QSC).
SSH PAM solutions address security-related issues related to the management and access control of SSH keys. These include the centralization of key management to avoid complexity and maintain visibility, enforcing strict access policies to prevent unauthorized access, reducing the risk of key exposure and sharing, enabling monitoring and auditing capabilities for detecting suspicious activities, and facilitating key rotation to minimize the impact of compromised or outdated keys. To address the rising threat of quantum technologies, SSH employs QSC to enhance security, mitigate risks, and promote better compliance with security standards in organizations using SSH for secure communications and remote access.
SSH solutions deploy encryption, access control lists, centralized key management, machine learning-based behavioral analytics, multi-factor authentication, auditing mechanisms, and automation to efficiently manage SSH keys. These technologies ensure strong security by protecting keys, detecting unusual activities, enforcing access policies, and simplifying key provisioning and rotation processes. By employing quantum-safe cryptography (QSC) and post-quantum cryptography (PQC), which are the backbones of quantum security, SSH solutions offer organizations a robust and centralized approach to address SSH-related security challenges effectively for today and into the quantum computing future.
SSH solutions are being adopted across various industries in the Asia Pacific region. Some of the industries that have deployed our solutions include banking and finance, government and public sector, technology and IT services, healthcare, telecommunications, e-commerce, and manufacturing. These industries often prioritize strong security measures and efficient access control to protect sensitive data, making SSH solutions an attractive choice for their secure communication and remote access needs.
Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. Kaspersky Endpoint security provides comprehensive visibility across all endpoints on your networks and delivers superior defenses.
The dominance of Windows and Mac operating systems makes them ongoing targets for cybercriminals. Built-in security features alone are insufficient against next-generation cyberthreats. Whilst one might think simply adding on multiple, disjointed technologies might be the solution to the problem, in reality it leads to management complexity and reduces the effectiveness of the business. To solve this, Kaspersky Endpoint Security combines multi-layered, next-generation threat protection with additional proactive technologies such as Application, Web and Device controls, vulnerability and patch management and data encryption into an EDR-ready endpoint agent with an extensive systems management toolkit. This provides a straightforward protection solution for businesses.
Kaspersky adopts a multi-layered approach to security. Unlike single endpoint solutions, the Kaspersky Endpoint Detection and Response (EDR) class solution provides multi host event visibility and “heavy” methods of detection (sandbox, deep learning models, event correlation) as well as expert tools for incident investigation, proactive threat hunting and attack response. In addition, Kaspersky leverages Cloud threat intel through the Kaspersky Security Network (KSN) to collect and analyze cybersecurity related data from millions of voluntary participants around the world to provide the fastest reaction to new threats through the use of Big Data analysis, machine learning and human expertise.
The industries in Asia Pacific that this has been deployed in include: Banking and Financial Institutions, Government Agencies, Telecommunications, Industrial and Healthcare. This has resulted in effective detection of threats along with quick and intelligence-based responses which resulted in significant mitigation of financial losses. Threat intelligence services, such as Kaspersky, strengthen a company's defence and enhance visibility over the threat landscape by providing relevant and actionable insights.
Viettel Endpoint Detection & Response (VCS-aJiant) is one of the most innovative and comprehensive solutions of threat detection, investigation and response for hybrid deployment in South East Asia. VCS-aJiant is the first technology solution proactively approaching full capabilities of endpoint protection, detection and response on a single platform in Vietnam.
VCS-aJiant integrates Threat Feeds from Viettel Threat Intelligence platform and updates from our exclusive sources, taking advantage of the largest ISP in South East Asia. Our experts, recognized as the top worldwide white hackers, proactively update the latest intelligence for VCS-aJiant. Our solution simplifies the threat detection, investigation and response process, and is lightweight and easy to deploy both in the cloud and on premise. Our advanced detection supports centralized monitoring by continuously collecting in-depth endpoint data on system behavior, including file, process, memory, registry and network. VCS-aJiant provides out-of-the-box and customized behavioral detection following the MITRE ATT&CK framework and in-house UEBA features.
Our solution leverages Machine Learning, Big Data Analysis, and User and Entity Behaviour Analytics capabilities developed by Viettel Cyber Security in order to quickly detect the latest malware and APT attacks while prioritizing threats without noise, thereby ensuring customer protection before being attacked. Moreover, VCS-aJiant is an open platform that allows open API and 100+ out-of-the-box integrations into the existing security stack in order to fit diverse organizational needs. Our solution offers a complete, intuitive user interface for end-to-end detection, investigation and response on one single platform, thereby improving security analysts' productivity and boosting incident response speed.
Our solution has served thousands of Vietnam customers in all industries and countries such as Laos, Myanmar, Cambodia, Peru, etc. For example, Bank Y, one of the major banks in Vietnam, contains a number of critical systems that need to be strictly protected against cyber-attacks. In the middle of 2021, Bank Y was suspected of being attacked by an APT, with many unusual alerts. Therefore, Bank Y decided to carry out a wide-ranging investigation and review of malware and threats throughout the system. To accomplish the above mission, VCS-aJiant supported pushing a variety of malware checking tools to the computer system, analyzing logs and generating alerts. As a result, VCS completed a malware scan for 50,452 computers, and detected and thoroughly removed malware from 132 computers in just 3 working days. After only 3 working days, Bank Y completed the investigation and review of malware for 50,452 machines and detected 132 computers (including PCs and important service servers) infected with various types of APT that had existed in the system for about 2 years. The SOC team also used VCS-aJiant's incident response features to thoroughly and quickly remove malware from those 132 computers.
*The name of our customer was hidden for confidentiality reasons.
Check Point endpoint security includes data security, network security, advanced threat prevention, forensics, endpoint detection and response (EDR), and remote access VPN solutions. To offer simple and flexible security administration, Check Point’s entire endpoint security suite can be managed centrally using a single management console.
As remote work becomes more common, strong endpoint security is an increasingly vital component of any organisation’s cybersecurity strategy. Deploying an effective Endpoint Detection & Response (EDR) security solution is essential to protecting both the enterprise and the remote worker from cyber threats. EDR is designed to go beyond detection-based, reactive cyber defence. Instead, it provides security analysts with tools needed to proactively identify threats and protect the organisation. EDR provides a number of features that improve the organisation’s ability to manage cybersecurity risk, such as improved visibility on the network’s endpoints, rapid investigations, remediation automation, and contextualised threat hunting.
Check Point Harmony Endpoint is the market’s first to provide endpoint security and secure connectivity (SASE) as a consolidated, unified cloud-based solution including the easiest and most secure remote access, and safe internet browsing, underpinned by ThreatCloudAI technology. This solution is an integrated, layered approach to endpoint protection that combines real-time continuous monitoring and endpoint data analytics with rule-based automated response; it is consolidated and provides full visibility on the state of the network. In 2022 Check Point Harmony achieved a 100% detection rate across all attack steps in the annual MITRE Engenuity ATT&CK® Evaluations for the 2nd year running.
Alpine Energy, one of the 29 Electricity Distribution Businesses (EDBs) in New Zealand, distributes electricity to more than 33,500 customers across some of New Zealand’s most challenging terrain. The company is embarking on a digital transformation journey to continually innovate its services and defend against an increasingly challenging cyberthreat landscape. Using Check Point Horizon Network Detection and Response and Harmony Endpoint, Alpine Energy created a security roadmap based on insights from the in-depth assessments and gained clear visibility into their network security posture, risks and vulnerabilities, on top of securing all endpoints with comprehensive protection. Full case story here: https://www.checkpoint.com/customer-stories/alpine-energy/
Anomali's Threat Detection platform is a cutting-edge cybersecurity solution that leverages advanced AI and machine learning algorithms to rapidly identify and mitigate cyber threats. By aggregating and analyzing vast amounts of security data, it provides real-time threat intelligence, enabling organizations to proactively defend against cyberattacks and protect their digital assets.
Anomali's Threat Detection platform aims to address a range of security-related issues to enhance cybersecurity for organizations. These issues include identifying and mitigating cyber threats in real-time, proactively defending against advanced persistent threats (APTs) and sophisticated attacks, protecting sensitive data from breaches and ransomware, ensuring compliance with industry regulations, and safeguarding critical infrastructure from potential cyber-attacks. By aggregating and analyzing vast amounts of threat intelligence data, the solution empowers organizations in the APAC region to stay ahead of cyber adversaries, make informed decisions, and fortify their overall security posture to counter the evolving threat landscape effectively.
Anomali's Threat Detection platform leverages a range of cutting-edge technologies and innovations to provide robust cybersecurity solutions. It utilizes advanced Artificial Intelligence (AI) and Machine Learning (ML) algorithms to analyze vast datasets and identify patterns indicative of cyber threats. The platform employs network analytics to monitor and detect anomalous activities on networks, enabling early threat detection. It also integrates threat intelligence feeds, employing big data analytics to aggregate and analyze security information from diverse sources. Additionally, the solution may incorporate blockchain technology for secure data sharing and immutability, enhancing collaboration among organizations in countering cyber threats effectively. These technologies collectively empower organizations in the APAC region to bolster their cybersecurity defenses and protect against evolving cyber threats.
Anomali deploys its Threat Detection platform across diverse industries in the APAC region, including government agencies, financial institutions, healthcare providers, technology companies, and large enterprises. The platform safeguards against cyber threats, defends critical infrastructure, protects sensitive data, and enhances overall cybersecurity for organizations in the Asia-Pacific area.
To stop threats before they become breaches, Vectra AI Attack Signal Intelligence empowers security teams to prioritize, investigate and respond to advanced and urgent hybrid attacks. With 35 patents in AI-driven threat detection and MITRE D3FEND references, organizations rely on Vectra to cut through the noise and achieve signal clarity.
Advanced Persistent Threats: 79% of SOC analysts say security tools are failing: “We don’t know which threats are real.” Attack Signal Intelligence identifies genuine threats in a sea of alerts by understanding attacker behaviors (TTPs) in even hybrid infrastructures. Identity-based Attacks: 73% of SOC professionals admit, “We don’t know where we’re compromised.” Vectra zeroes in on credential attacks by automatically discovering and focusing on accounts most useful to attackers. Lateral Movement: 83% of SOC teams feel outgunned: “We don’t know how to keep pace with modern attacks.” Vectra maps attack progression and tracks methods to stop attackers early.
For over a decade, Vectra has been leveraging advanced AI in its Attack Signal Intelligence, providing signal clarity and security coverage across cloud, identity, SaaS and network. Vectra’s advanced AI has been programmed to think like an attacker and hone in on TTPs. This enables SOC teams to effectively hunt, investigate and stop breaches. More specifically, detections analyze behavior post-compromise to provide coverage for more than 90% of relevant MITRE and ATT&CK techniques. Triage uses ML to distinguish malicious from benign patterns and reduce 80% of alert noise. Prioritization evaluates against globally observed profiles to provide reliable urgency ratings.
Vectra AI has deployments across all industry verticals, with significant market share in Finance, Manufacturing, Software, Critical Infrastructure and Telco. The company helps organisations to respond to cyber attacks in minutes, not months. Globe Telecom has been using Vectra AI to help identify attacker behavior within their network, successfully achieving a 2-3-hour MTTR (mean time to repair). Another international telecom company relies on Vectra and AWS to stop hidden cyber threats. It does this with integration between Cognito and AWS, enabling complete coverage over all devices, including real-time detection, and threat and certainty scores from the enterprise and data centre. Vectra also worked with Blackstone, the world’s largest alternative asset manager, to reduce threat detections on Office365 by more than 50x. Vectra reduced overall alert volume by 90%, and enabled the SOC team to identify areas that required a stronger security posture. Finally, Vectra assisted a Fortune 500 company and world-leading CPG brand, to protect its critical AWS infrastructure. Vectra’s solutions, powered by AI, detected AWS coverage within a few minutes and flagged suspicious use of credentials. With one click, the security team opened Instant Investigations and immediately saw suspicious activity, and were able to shut down an urgent cyber-attack.
ExtraHop is the cybersecurity partner enterprises trust to reveal the unknown and unmask the attack. The company’s Reveal(x) 360™ platform is the only network detection and response (NDR) platform that delivers the 360-degree visibility needed to quickly identify and respond to suspicious threats.
As 98% of companies expect to use multiple public clouds, they are challenged with monitoring every workload across each environment to minimize gaps in their coverage. Enterprises need to leverage data-rich solutions that use cloud-scale AI and ML to stop advanced threats. Reveal(x) 360 does just that and extracts all relevant contextual data, providing unparalleled visibility into organizational traffic. The de-identified metadata is then processed by ExtraHop’s award-winning ML. The platform applies AI to layers of network telemetry to identify all devices on the network and uses millions of predictive models to detect anomalous behaviors as they occur.
ExtraHop’s AI leverages massive amounts of compute and continuously updates models to make its detections precise, yielding high-fidelity alerts to keep security teams focused on the highest-risk threats first. The solution collects and analyzes flow log and packet metrics to create a real-time view of all workloads, while AI behavioral detection contextualizes the highest priority threats for investigation and remediation in a single management pane. Reveal(x) 360 also offers organizations visibility into employees’ use of generative AI tools, like ChatGPT, to help determine whether sensitive data may be at risk.
Leading financial institutions in the Asia Pacific region deploy Reveal(x) 360 to secure their organizations and overcome challenges presented by regulatory compliance, legacy infrastructures, and the transition to zero trust. Because of regulations, multiple networks within the same financial institution tend to be isolated from each other, making it difficult to see what is happening - or who is hiding - in the network. Similarly, decisions to make technology changes move slowly because of concerns about regulatory compliance. To overcome these hurdles, financial institutions deploy ExtraHop to gain complete visibility across their networks and the entire attack surface, including multiple clouds, on-premises and colocation data centers, and remote sites, so they can catch cyberattacks before it's too late. ExtraHop is also helping customers accelerate zero trust adoption by enhancing the IT visibility they need to get going. With an effective ZT strategy, users and devices must be dynamically and continuously authenticated and verified, with access to resources restricted according to least privilege principles. With Reveal(x), financial institutions can continually monitor and safeguard network traffic, validate policy enforcement, and support enhanced collaboration between traditionally siloed teams.
To stay ahead, organisations must adopt AI and advanced analytics. Ensign's proprietary AI-Powered Cyber Analytics utilises patented algorithms and behavioral analytics, providing organisations with better visibility and faster response times. Its self-learning models employ deep neural networks to detect anomalies in network traffic, providing a technological edge against threats.
Ensign's proprietary AI-Powered Cyber Analytics provides enhanced visibility into advanced threats, enabling organisations to proactively stay ahead of emerging and unknown risks that traditional rules-based systems might miss. It acts as a force multiplier, supporting cyber teams by reducing alert fatigue and allowing them to focus on prioritised incidents. By deploying this solution in clients' SOC and Ensign's SOC for Managed Security Services (MSS), organisations can detect threats beyond the capabilities of traditional cybersecurity tools. This unique offering sets Ensign apart, as no other APAC MSS providers integrate proprietary AI-powered models into their core offerings for enhanced threat detection.
We empower customers in detecting and gaining visibility into advanced threats via the following innovations:
• Ensign’s patented Self-Learning Threat Detection leverages partially labelled and unlabelled data to train deep learning models, facilitating automatic detection of new, unknown threats.
• Ensign’s AI-Powered DGA detection model reduces malicious domain communications alerts by more than 99.99%, minimising alert fatigue, improving accuracy, and accelerating response time.
• Ensign’s patent-pending Phishing Detection Approach yields more than 95% accuracy rate when detecting phishing attacks, and advanced attacks using Homoglyph and Typosquatting techniques.
• Ensign’s patent-pending IoT Detection & fingerprinting provides visibility into the IoT landscape to defend against IoT threats.
Ensign's proprietary AI-Powered Cyber Analytics services address our clients’ unique security challenges and enable them to adopt a more proactive, predictive security posture.
Fully Digital Conglomerate: Unable to disclose customer details due to confidentiality agreement.
Challenges:
• Rapid expansion of their business, and reliance on new technology, such as cloud, resulted in an expansion of digital attack surface.
• Ensuring corporate governance across the region for a strong enterprise-wide security posture
• Lack of in-house cybersecurity capabilities to strategise and manage their security operations
• Underinvested in cybersecurity
Solution:
• Implemented a roadmap to introduce a suite of security solutions, including cloud security, email gateways, data loss prevention, and endpoint/network protection applications
• Jointly manage and operate a 24/7 scalable monitoring operation
• SOC is augmented with automation and threat intelligence capabilities for advanced threat detection
Results:
• Structured monitoring capability which is scalable and resilient
• Ability to detect and respond to advanced threats
• Enhanced cybersecurity protection for critical business units.
• Security of intellectual properties to ensure and retain a competitive advantage
• Protection of brand reputation by mitigating the risk of data breaches
• Ability to focus on their business objectives with Ensign’s support
BlackBerry Cylance AI powers the company’s cybersecurity product suite, proactively identifying and stopping novel threats early in the kill chain. Stopping attacks with a 5-year advantage, the updated engine reduces alert fatigue by 90% and stops 36% more novel attacks 12 times faster (with 20 times fewer resources) than other cybersecurity vendors.
In its August 2023 Threat Intelligence Report, BlackBerry telemetry data showed its Cylance AI engine stopped more than 1.5 million cyberattacks between March and May 2023. No organization is immune to the rise in type and velocity of cyberattacks; and outdated detection and response signature solutions are no match for today’s evolving threats. BlackBerry’s intelligent, prevention-first cybersecurity solutions and 24/7 support help customers to cost-effectively reduce the security burden upon stretched IT teams. Cylance AI stops threats before they execute, reduces the number of alerts by 90%, and helps to manage resource constraints, while significantly enhancing a company’s cybersecurity posture.
All products incorporate AI/ML, powering all stages of the data lifecycle:
• CylanceENDPOINT provides a dramatically simplified investigation and response workflow with an extended detection and response (XDR) alert interface, reducing the volume of alerts by 90%.
• CylanceGUARD: 24/7 threat teams, Cylance AI suite, plus secure Critical Event Management (CEM) capabilities powered by BlackBerry AtHoc provides secure, multi-channel internal and stakeholder communications for incident response during a cyberattack.
• CylanceEDGE streamlines SaaS app connectivity for popular productivity tools, improving collaboration and security for hybrid workforces.
• CylanceINTELLIGENCE provides faster access to contextual threat intelligence to stop breaches, empowering cyber-resiliency.
Singapore-headquartered manufacturer of precision plastic components Sunningdale Tech Ltd deployed BlackBerry CylanceGUARD to ensure continuous protection in online, offline and air-gapped environments. CylanceGUARD provides Sunningdale Tech with access to trained threat prevention experts through a subscription-based model (including CylanceENDPOINT). Deployment of BlackBerry’s integrated Cylance AI solutions almost immediately reduced Sunningdale’s security alerts from 20,000 per day to fewer than ten, freeing up time to focus on core competencies while keeping a look out for potential cyber threats. 24x7 managed detection and response (MDR) by BlackBerry’s team of seasoned cybersecurity professionals is enabling Sunningdale to build and maintain a self-defending factory floor.
Malaysian logistics and delivery provider GDEX deployed BlackBerry CylanceENDPOINT, seeing benefits like increased efficiency in protecting its networks and systems and freeing up of resources to focus on other priorities—all while proactively defending against advanced attacks and emerging threats. Trust was the ultimate objective for GDEX’s pivot to a ‘prevention-first’ approach—no reported data leak has been found since implementation of the solution.
Other points:
• GDEX expects about $1M in total ROI over the next three years.
• GDEX expects a 400% ROI as a percent of cost vs benefit.
• GDEX estimates annual cost-savings of around US$500K.
Hillstone Networks’ Integrative Cyber Security approach delivers coverage, control, and consolidation to secure digital transformation for more than 26,000 enterprises worldwide. Hillstone Networks is a trusted leader in cyber security, protecting enterprise critical assets and infrastructure, from edge to cloud, regardless of where the workload resides. Learn more at www.hillstonenet.com.
Networks have no boundaries and extend into the cloud, while becoming more complex to manage and secure. More apps and more data mean more network traffic to protect against increasingly sophisticated hackers looking to exploit vulnerabilities. Security teams are spread thin and under-resourced, making it hard to track and protect all IT assets. NDR solutions address the sheer volume of traffic to be monitored and protected by collecting data from network devices and applying AI/ML to detect threats not detected by traditional tools such as perimeter defense or Antivirus.
Hillstone’s NDR solution consists of its sBDS (server Breach Detection System) solution, enabling visibility into north-south and east-west traffic in data centers or campus networks and its XDR solution, i-Source, a big data analysis platform for security operations and threat detection and response. The combination enables a high-performance NDR solution with advanced AI/ML that can map attacks across different elements in the cyber kill-chain and MITRE ATT&CK framework to provide visibility into known and new threats. This complete solution detects enterprise breaches, preventing ransomware situations. From detection to visibility to forensics to mitigation, Hillstone’s NDR suite integrates extensive capabilities.
Hillstone’s NDR solution is deployed across various industries and organizations in the Asia Pacific region, including financial services, telecommunications, healthcare, government, and education.
A regional University has deployed Hillstone NDR in their data center, with both on-premises and virtualized workloads, supporting over 10,000 staff and students. They needed a solution that could help protect their infrastructure and protect their critical assets and confidential data, including staff and student data. The Hillstone NDR solution addressed their challenges, and they are looking to expand beyond NDR as their needs are growing.
Hillstone NDR has protected the customer network with the following key benefits:
• Comprehensive traffic visibility, with the ability to see into east-west and north-south traffic.
• Rich threat and anomaly detection capabilities using advanced behavioral analysis and AI/ML in conjunction with rule-based approaches to spot common vulnerabilities and exploits while detecting new threats.
• Simple deployment with minimal configuration and ease of use.
• Offers different visualization options, improving situation awareness of the SecOps team, offering single pane understanding of the security health of the organization.
Provenir's AI-powered decisioning platform is a flexible SaaS solution that helps financial services organizations stay ahead of risk. The platform gives organizations the freedom to iterate, expand, and scale on their own timeline.
Provenir helps organizations protect their data, assets, and reputation with an AI-powered credit risk decisioning platform for various financial services, such as banking, SME lending, buy now pay later, digital merchant onboarding, auto financing, loan origination, and retail and point-of-sale. Provenir's platform enables its clients to access and orchestrate data from multiple sources, deploy and optimize AI models, and automate and streamline risk decisioning processes across the customer lifecycle.
The platform employs encryption, access control, and auditing to protect data. It also uses a variety of methods to verify the identity of customers and employees, including document verification, address verification, and social media analysis. Additionally, we use a variety of methods to detect and prevent fraud, including transaction monitoring, anomaly detection, and machine learning. One of the partners that Provenir works with to offer online fraud management is Vesta, a leader in fraud protection solutions for digital payments, to help Provenir's clients increase approval rates, reduce false positives, and guarantee 100% payment against fraud chargeback. Vesta can also integrate with Provenir's platform to provide seamless and secure fraud protection across different channels and markets. AI is used to analyze data patterns and identify suspicious activity. ML is used to train models that can predict risk and fraud. Low-code development makes it easy for business users to create and deploy decisioning models. A centralized data repository stores and manages data from multiple sources. A secure and scalable cloud infrastructure ensures that the platform is available and reliable. The platform also provides audit trails and other documentation that can be used to demonstrate compliance with regulatory requirements.
Leveraging AI, Provenir helps organizations in Asia Pacific improve fraud detection and prevention, reduce risk exposure, increase compliance, and improve the customer experience. The platform has been deployed by a variety of organizations in the region, including banks, insurers, and financial technology companies. These organizations have achieved a number of benefits from using the platform, including reduced fraud losses, lower claims costs, and faster customer onboarding. With Vesta’s partnership, Provenir's platform helps clients increase approval rates, reduce false positives, and guarantee 100% payment against fraud chargeback.
The Skybox continuous threat exposure management platform is the next generation of Vulnerability Management. A suite of integrated tools encompassing attack surface visibility, vulnerability management and network security and policy management, the Skybox platform enables organizations to manage their exposure risk across the hybrid attack surface.
The Skybox platform delivers insight and visibility across the attack surface by aggregating security, asset, and infrastructure data into a single model of the organization’s threat exposure. It supports smarter decision-making because a holistic picture of the organization’s cyber exposure is available at all times and is continually being updated with the latest threat intelligence. It increases business resilience, because it enables organizations to validate security changes in advance, mitigate compliance risks and assess exposures before they become threats. It maximizes resources by helping to prioritize the exposures that matter most and focus technical resources where they can be most effective.
The Skybox platform supports the 4 phases of continuous threat exposure management. It maps the attack surface, building a visual 360-degree model of the environment overlaid with threat exposure data. It contextualizes the data, capturing information via over 150 integrations with leading network platforms, asset databases, security technologies, scanners, and intelligence feeds. It provides multi-factor risk assessment, combining severity, exploitability, importance and exposure, to help prioritize the exposures that matter most to the organization. It recommends compensating controls (patch, IPS update, network segmentation) based on the circumstances and integrates with the organization’s chosen ITSM solution to automate remediation.
Skybox Security has deployed solutions in different industries, such as FSI, Government and Manufacturing. A few of our many customers in the APAC theatre are: Bank of Singapore, Suncorp, State Bank of India, DSTA, etc.
Two recent case studies from our APAC customers that showcase how the Skybox Security solution has improved their security environment are as follows:
- Singaporean government agency:
https://www.skyboxsecurity.com/resources/case-study/prioritize-vulnerabilities-with-greatest-cyber-exposure-risk/
- Indian analytics and digital solutions company:
https://www.skyboxsecurity.com/resources/case-study/gain-attack-surface-visibility-improved-vulnerability-remediation/
Tenable One is an exposure management platform to help organisations gain visibility across the modern attack surface, focus efforts to prevent likely attacks, and accurately communicate cyber risk to support optimal business performance. The platform merges extensive vulnerability coverage across IT assets, cloud resources, containers, web apps, and identity systems.
In the past 25 years, technology has drastically transformed businesses, expanding their attack surface to encompass cloud, web apps, operational technology, and more. This expansion makes it difficult for organisations to assess and respond to risks effectively. To meet this demand, Tenable launched Tenable One, an exposure management platform that offers unified discovery and visibility for all assets, evaluating their vulnerabilities and exposures to enable proactive risk management. Tenable One empowers organisations to translate technical data into actionable business insights, providing security executives and practitioners with clear intelligence for making informed decisions.
Tenable provides unmatched data science capabilities, leveraging more than 20 trillion aspects of threat, vulnerability and asset information, including: 250+ billion instances of vulnerabilities, 50 billion different security configurations, 20 million threat artifacts supporting more than 2 billion assets. This corpus of data feeds into advanced machine learning algorithms to enable unique innovations like Predictive Prioritization (helps organizations understand which vulnerabilities to prioritize mitigating or remediating), Asset Criticality Rating (a daily rating applied to each asset across the organization) and Predictive Scoring (recommends where to focus efforts in high-risk areas).
Approximately 43,000 organisations around the globe, including approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies trust Tenable to understand and reduce their cyber risk. We actively support organisations across key verticals such as government, manufacturing, finance, retail, healthcare, transportation, technology, utilities, oil & gas.
A testimonial from our customer about Tenable One:
“One of the biggest challenges enterprises face is the lack of actionable visibility to effectively quantify and respond to real exposure and cybersecurity risk. The Tenable One Exposure Management Platform could be the game changer the industry needs. Now organisations can pinpoint additional weak spots that could be targeted by attackers and utilise contextual, prioritised reporting to remediate vulnerabilities.” -- Dr. Michael Mylrea, Sr. Distinguished Engineer, Head of ICS Cybersecurity & Digital Innovation, National Resilience Inc.
GuardRails' DevSecOps solution is a comprehensive platform that integrates seamlessly into the software development lifecycle. It continuously identifies security vulnerabilities, code quality issues, and compliance violations within code repositories, providing real-time feedback to developers. This enables teams to proactively address and remediate risks, enhancing overall application security and development efficiency.
GuardRails’ platform seeks to proactively identify and remediate security vulnerabilities such as code injection, cross-site scripting, SQL injection, and sensitive data exposure. Additionally, it focuses on mitigating authentication and authorization flaws, security misconfigurations, and inadequate logging and monitoring practices. GuardRails also targets code quality issues and compliance violations, ensuring adherence to industry standards and best practices. By providing real-time feedback to developers and integrating seamlessly into the software development lifecycle, GuardRails empowers organizations in the APAC region to bolster their application security, minimize the risk of data breaches, and maintain robust protection against cyber threats.
GuardRails' DevSecOps solution deploys a combination of cutting-edge technologies and innovations to enhance application security. These include static code analysis, dynamic analysis, and dependency scanning to identify security vulnerabilities and code quality issues. Machine learning and artificial intelligence algorithms are employed to continually improve threat detection accuracy and prioritize potential risks. The platform integrates seamlessly with popular code repositories and CI/CD pipelines, enabling real-time feedback to developers. Additionally, GuardRails leverages cloud-based infrastructure and advanced analytics to provide comprehensive security insights. These technologies collectively empower organizations in the APAC region to fortify their applications against threats and streamline their development processes while maintaining a strong security posture.
GuardRails deploys its DevSecOps solution across a wide range of industries in the APAC region, ensuring robust application security and compliance. These industries include but are not limited to finance, banking, healthcare, e-commerce, government, technology, education, and telecommunications. By catering to diverse sectors, GuardRails helps companies of all sizes and complexities enhance their development processes while maintaining a strong focus on security. The platform's ability to seamlessly integrate into various software development workflows makes it an adaptable and valuable asset for businesses seeking to safeguard their applications and data from potential threats and vulnerabilities.
Hackuity is a cybersecurity company that provides vulnerability management solutions. Hackuity's platform aggregates and normalizes all security assessment data, whether automated or handmade, and enriches it with AI-driven predictive models to create risk-driven remediation plans. The platform is used by businesses of all sizes, across a variety of industries.
Hackuity's solution addresses vulnerability management, risk assessment, compliance, and reporting. The platform helps organizations to identify, prioritize, and remediate vulnerabilities in their IT infrastructure. It also helps organizations to assess their security posture and identify areas where they are most vulnerable. Additionally, the platform can help organizations to comply with various security regulations and provide comprehensive reporting that can be used to track security progress and identify trends. Overall, Hackuity's solution/service can help organizations to improve their security posture and reduce the risk of cyberattacks.
Hackuity uses various innovations and technologies to provide a comprehensive and consistent view of the cyber exposure of an organization:
• Data aggregation and orchestration: Hackuity can connect to more than 50 third-party security tools and aggregate all the data related to cyber vulnerabilities into a single platform, to break the silos and fragmentation of security tools and processes to provide a holistic picture of the cyber risk posture of an organization.
• Hackuity uses AI/ML to enhance its data processing and analysis capabilities, to automatically discover and classify the assets and endpoints of an organization, and map them to the corresponding vulnerabilities; and to detect and defend against cyber threats, such as ransomware, malware, data theft, and tampering, at the firmware level of the solid state drive (SSD).
• Hackuity has developed a proprietary True Risk Score (TRS) algorithm that calculates each vulnerability based on various factors – such as the severity, exploitability, impact, context, and business environment of the vulnerability – to prioritize the most critical vulnerabilities that need urgent remediation, and reduce the number of false positives and negatives.
Hackuity's solution/service has been deployed in a variety of industries in Asia Pacific, including financial services, healthcare, retail, and manufacturing. These deployments have resulted in a number of achievements, including reducing the number of vulnerabilities in the organizations' IT infrastructure by an average of 50%, improving compliance with security regulations, and reducing the risk of cyberattacks by an average of 30%.
YesWeHack is a European cybersecurity platform that connects organizations with ethical hackers through bug bounty programs, entering the Asia market in 2019 with its regional HQ in Singapore. It incentivizes security researchers to identify and report vulnerabilities, enabling companies to improve their cybersecurity defenses proactively. The platform acts as a mediator, facilitating communication and coordination between both parties for a transparent and effective process.
YesWeHack aims to help organizations identify and resolve security vulnerabilities before malicious actors can exploit them. By incentivizing ethical hackers and security researchers to actively search for and responsibly disclose vulnerabilities, the platform encourages a proactive approach to cybersecurity. This approach helps organizations improve their overall security posture by continuously identifying and fixing potential weaknesses in their systems and applications. Additionally, the platform fosters better collaboration between the security community and businesses, enhancing information sharing and overall cybersecurity awareness.
YesWeHack primarily leverages crowdsourced security testing and coordination, rather than specific emerging technologies like blockchain, AI, or ML. The platform utilizes the power of ethical hackers and security researchers worldwide, harnessing their diverse expertise to identify vulnerabilities in organizations' systems and applications. While the service itself might not heavily rely on cutting-edge technologies, the efficient orchestration of the bug bounty program and vulnerability coordination process is an innovative approach to enhancing cybersecurity. It fosters collaboration and knowledge exchange between security professionals and businesses, leading to a more robust security ecosystem.
YesWeHack, a European-based cybersecurity platform, has deployed its bug bounty and vulnerability coordination services in various industries and organizations across the Asia Pacific region. Sectors such as banking, finance, technology, e-commerce, government, telecommunications, and healthcare in countries like Singapore, Hong Kong, Japan, South Korea, China, and India have shown interest in leveraging YesWeHack's proactive approach to fortify their digital infrastructure, protect sensitive data, and enhance their overall cybersecurity defenses. By tapping into the power of crowdsourced security testing and collaboration with ethical hackers and researchers, these organizations aim to identify and address vulnerabilities before they can be exploited by malicious actors, ensuring a safer digital environment.
Micro Focus' Application Security solution is a comprehensive suite of tools and services designed to safeguard software applications throughout their lifecycle. It includes features like static and dynamic analysis, automated testing, and vulnerability assessment, helping organizations identify and rectify security flaws to ensure robust protection against cyber threats.
Micro Focus aims to address critical software-related security issues with its application development lifecycle and vulnerability management solutions. These include identifying and mitigating software vulnerabilities, preventing data breaches and cyberattacks, ensuring compliance with industry regulations, enhancing secure development practices, and fortifying application resilience against evolving threats. By offering static and dynamic analysis, automated testing, and vulnerability assessment capabilities, the solution enables organizations to proactively detect and fix security flaws in their software applications, thereby reducing the risk of potential exploits and protecting sensitive data from unauthorized access or manipulation.
Micro Focus' Application Security solution incorporates several cutting-edge technologies and innovations to enhance security. These include advanced static and dynamic analysis techniques to identify code vulnerabilities, machine learning algorithms for intelligent and automated testing, artificial intelligence for behavior-based anomaly detection, and data analytics to assess application risk comprehensively.
By integrating these technologies, Micro Focus aims to provide a powerful and efficient platform that proactively defends against cyberthreats, ensures compliance, and promotes secure software development practices throughout the application lifecycle.
Micro Focus, a global software company, has deployed its application lifecycle management security and vulnerability management solutions in various industries across the Asia Pacific region, such as banking and finance, government, healthcare, telecommunications, e-commerce, and manufacturing. These industries recognize the growing importance of securing their software applications against cyberthreats and data breaches. By adopting Micro Focus' suite of solutions, organizations in these sectors can proactively assess and rectify vulnerabilities in their software, comply with industry regulations, protect sensitive data, and ensure a robust security posture throughout their application development and maintenance processes. The widespread application of this solution in diverse industries underscores its relevance and effectiveness in addressing the region's evolving cybersecurity challenges.
The Gigamon Deep Observability Pipeline efficiently delivers network-derived intelligence to cloud, security, and observability tools. This eliminates security blind spots and reduces tool costs, enabling IT organizations to better secure and manage hybrid cloud infrastructure.
Today, 91% of threats use encrypted channels and 93% of malware lurks behind encryption. To help organizations gain unobstructed visibility into encrypted traffic, Gigamon has a breakthrough cybersecurity innovation that brings deep observability to encrypted traffic across any hybrid cloud infrastructure. The Gigamon Deep Observability Pipeline now enables plaintext visibility for encrypted traffic, eliminating critical blind spots that previously concealed threat activity. By capturing traffic before encryption or after decryption, it offers network-derived intelligence that then reveals threat activity—including lateral movement, malware distribution—inside virtual, cloud, and container applications.
Gigamon leverages eBPF technology inside the Linux kernel to deliver plaintext visibility for encrypted traffic. It works with modern encryption methods, including TLS 1.3 or TLS 1.2 with perfect forward secrecy (PFS) enabled, and legacy encryption methods, including TLS 1.2 without PFS. Once unencrypted data is extracted, the Gigamon Deep Observability Pipeline transforms raw communication data into flow-level metadata records to reduce false positives, help identify nefarious activity like port spoofing, and accelerate threat detection through proactive, real-time monitoring versus reactive forensics. This network-derived intelligence is not subject to log modification and feeds into observability tools used by both SecOps and DevOps teams.
Gigamon finds widespread deployment across the Asia-Pacific (APAC) region, serving various organizations and industries. Large enterprises with intricate networks utilize the solution to efficiently monitor and manage network traffic, ensuring optimal performance and security. Government agencies across Singapore, Australia, Taiwan, and Southeast Asia, such as the National Cyber and Crypto Agency (BSSN) of Indonesia, leverage Gigamon to bolster their cybersecurity defenses and safeguard hybrid cloud infrastructure. Telecommunications service providers across Southeast Asia, such as PLDT, and other major Tier 1 service providers in Singapore, Malaysia, Thailand, and the Philippines, as well as Australia, Japan and Korea, rely on Gigamon for real-time insights into network performance, leading to better service delivery, customer satisfaction and security. Educational institutions, such as ANU, and other institutes of higher learning across the region benefit from streamlined network resource management and enhanced protection against cyber threats. Additionally, industries like finance and healthcare embrace the Gigamon solution to comply with stringent regulations and safeguard data integrity and confidentiality. Across diverse sectors in APAC, Gigamon proves instrumental in achieving comprehensive network visibility, robust security, and streamlined operations.
Dynatrace, the leader in unified observability and security, exists to make the world’s software work perfectly. Our unified platform combines broad and deep observability and continuous runtime application security with the most advanced AIOps to provide answers and intelligent automation from data at an enormous scale.
Due to the widespread increase in the usage of open-source libraries, modern applications usually contain a large number of vulnerabilities. Evaluating hundreds or thousands of open vulnerabilities quickly becomes a daunting task. Optimized for cloud-native applications, containers, and Kubernetes, Dynatrace Application Security provides real-time, automatic attack detection and blocking to protect against injection attacks that exploit critical vulnerabilities, such as Log4Shell. As a result, organizations can protect their applications in real time (without wasting time chasing false positives) and increase DevSecOps automation, allowing them to strengthen the security of their digital services and accelerate throughput.
Our solution is vertical agnostic. Backed by powerful partnerships and integrations with 600+ technologies in the Dynatrace Platform, we are trusted by thousands of top brands across industries, from financial services, retail, technology/software, healthcare, telecommunications, government, etc.
Integrated Health Information Systems (IHiS) is a Singapore-based healthcare IT provider and needed front-end observability to help identify and resolve application performance issues in vaccination centers nationwide. Together with AsiaPac, we created a proof of concept (POC) to show what front-end insights Dynatrace could provide. IHiS deployed Dynatrace on over 160 personal computers across 42 VCs to track all service calls and used its Synthetic Monitoring capabilities to monitor API response times and availability. AsiaPac also worked with the teams at IHiS to create customized dashboards for all VCs, enabling them to view all relevant information in one place. Using the insights from Dynatrace, IHiS could pinpoint issues and resolve them quickly, decreasing mean-time-to-discover (MTTD) and mean-time-to-repair (MTTR). This ensured smooth operations at VCs, especially during peak periods, with up to 80,000 vaccinations performed daily.
OT Zero Trust Solutions - A software/hardware product matrix that provides complete and comprehensive protection for OT environments and critical infrastructures. The product offering consists of three pillars, namely security injection, endpoint protection, and network defense.
Applying IT security tools in OT environments has proven not to work. TXOne aims to provide the best ways to make sure highly automated systems can effectively defend themselves from threats without impacting operational performance and productivity. Our design philosophy is to always keep operational goals as the first priority, and then build security on top of that foundation. We want to remove the constraints that keep OT environments away from a truly secure status. All products need to operate independently from clouds, and all products need to support legacy systems like WinXP.
We proposed a framework of "OT Zero Trust" that protects assets across their entire lifecycle. We support 6000+ ICS protocol combinations and recognize 8000+ ICS applications to cover OT-specific attacks effectively and efficiently. All these efforts result in extremely small system footprints yet broader coverage of security visibility.
Because we are laser focused on OT environments, we have built up deep vertical insights that allow us to achieve contextual awareness when we detect malicious acts. Such intelligence allows us to add another layer of threat knowledge to protect organizations even from unknown threats. This is definitely a unique capability.
Our solutions are widely accepted in all sorts of manufacturing environments and critical infrastructures. We covered this part in our other submission category, so we'd like to provide some numbers to show our potential.
• We were established in 2019. In 2021, we raised USD$12.9M for Series A, and another $80.8M for Series B in 2022.
• Our revenue has doubled for 3 years in a row.
• Today we have 300+ employees globally.
• 50+ of our threat research topics were accepted by organizations.
• We contributed 40+ CVEs to the cybersecurity community.
Pentera, the leader in Automated Security Validation, is used by hundreds of organizations globally to continuously validate their security controls, uncover exposures, and improve their security readiness.
The Pentera Platform automatically uncovers real security exposures in the organization’s environment. To do so, it challenges the entire IT attack surface (internal, external, and cloud) by safely emulating the actions of an attacker, providing real-time security validation at scale. Requiring no agents, the platform tests the effectiveness of existing security controls including Endpoint Detection and Response (EDR/XDR), Endpoint Protection Platforms (EPP), Firewalls, Web Application Firewalls (WAF), and more. The result of the tests provides security teams with an understanding of their defenses’ efficacy against modern attacks. With Pentera, organizations can continuously improve their cybersecurity posture by performing validation tests as frequently as needed.
Pentera uses advanced algorithms to execute multiple ethical attack steps, attempting to achieve complete attack kill chains across the IT environment at machine speed. Every test starts with reconnaissance to map the attack surface. Based on its findings, Pentera dynamically attempts exploits, focusing on the vulnerabilities it has identified. Pentera progresses in a step-by-step manner, analyzing each attack step and building on the results to continue the test. Pentera runs its discovery process to determine targeted assets; it may sniff credentials, crack passwords, or use valid credentials with privileged access. Then, it continues the attack with lateral movement, exploitation and post-exploitation actions. Every test ends with a complete clean-up for reliable sanitation, as safety is key.
Customers in Singapore, Thailand, Philippines, Hong Kong, Australia, New Zealand, Japan.
Verticals: Government, FSI, Telco, Manufacturing, Retail, Business & Consulting, MSSP, Media.
• Philippines Telco: We replaced their existing tools, Mandiant Security Validation and Ridge Security. End user was surprised by Pentera Core’s capabilities, happy with the speed of validation and quality of the findings.
• Australia Retail: Use case being largely on-prem and with a lean IT Team, they saw the substantial amount of value that Pentera brings.
• New Zealand FSI: We replaced AttackIQ. The Economic Buyer saw Pentera’s technical value.
We would also like to highlight Pentera's robust establishment of our APJ channels, which is playing a significant role in our continuous growth and achievements.
Saviynt is a leading provider of identity governance and cloud security solutions. Our platform enables enterprises to secure and govern their digital identities, access, and data across cloud and on-premises environments. With a focus on risk-based security, Saviynt helps organizations efficiently manage and protect their critical assets.
Saviynt aims to address various security-related challenges through its solution. These include mitigating the risks associated with identity and access management, ensuring compliance with industry regulations and data protection standards, securing critical assets and data across hybrid and multi-cloud environments, preventing unauthorized access and insider threats, streamlining identity governance processes, and providing comprehensive visibility into user activity for threat detection and response. By offering a robust identity governance and cloud security platform, Saviynt seeks to empower organizations to proactively safeguard their systems, data, and applications from emerging cyberthreats and vulnerabilities.
Saviynt's solution leverages a range of cutting-edge technologies and innovations to enhance security and identity governance. These include advanced artificial intelligence (AI) and machine learning (ML) algorithms for risk-based access management, anomaly detection, and behavioral analytics. The platform integrates with various cloud providers and on-premises systems, utilizing API-driven architecture for seamless integration. Saviynt's Identity Governance and Administration module employs access analytics that enable organizations to compare user access to peers. These technologies work in synergy to deliver a comprehensive and proactive security approach, ensuring organizations can effectively manage and protect their digital identities and resources in complex IT environments.
Saviynt has successfully deployed its solutions and services across diverse industries in the Asia Pacific region, encompassing financial services, energy, and healthcare sectors. For financial institutions, Saviynt aids in enhancing compliance with regulations like PCI DSS and SOX, as evidenced by a Singaporean bank's 50% reduction in PCI DSS compliance risk. Energy companies have benefited from improved security and data breach risk reduction, exemplified by a major Australian oil and gas firm experiencing a 75% decrease in data breach risk. Similarly, healthcare organizations have achieved heightened patient privacy and security, such as a large hospital in Japan lowering patient privacy risk by 90%. Origin Energy, an Australian energy company, illustrates a successful Saviynt deployment, which improved its IAM capabilities by centralizing processes, reducing IAM costs by 50%, and bolstering compliance by 20% with industry regulations. Overall, Saviynt's solutions are instrumental in fortifying security postures, mitigating data breach risks, and fostering regulatory compliance for organizations throughout the Asia Pacific region.
Provenir's AI-powered decisioning platform is a flexible SaaS solution that helps financial services organizations stay ahead of risk. The platform gives organizations the freedom to iterate, expand, and scale on their own timeline.
Provenir helps organizations protect their data, assets, and reputation with an AI-powered credit risk decisioning platform for various financial services, such as banking, SME lending, buy now pay later, digital merchant onboarding, auto financing, loan origination, and retail and point-of-sale. Provenir's platform enables its clients to access and orchestrate data from multiple sources, deploy and optimize AI models, and automate and streamline risk decisioning processes across the customer lifecycle.
The platform employs encryption, access control, and auditing to protect data. It also uses a variety of methods to verify the identity of customers and employees, including document verification, address verification, and social media analysis. Additionally, we use a variety of methods to detect and prevent fraud, including transaction monitoring, anomaly detection, and machine learning. One of the partners that Provenir works with to offer online fraud management is Vesta, a leader in fraud protection solutions for digital payments, to help Provenir's clients increase approval rates, reduce false positives, and guarantee 100% payment against fraud chargeback. Vesta can also integrate with Provenir's platform to provide seamless and secure fraud protection across different channels and markets. AI is used to analyze data patterns and identify suspicious activity. ML is used to train models that can predict risk and fraud. Low-code development makes it easy for business users to create and deploy decisioning models. A centralized data repository stores and manages data from multiple sources. A secure and scalable cloud infrastructure ensures that the platform is available and reliable. The platform also provides audit trails and other documentation that can be used to demonstrate compliance with regulatory requirements.
Leveraging AI, Provenir helps organizations in Asia Pacific improve fraud detection and prevention, reduce risk exposure, increase compliance, and improve the customer experience. The platform has been deployed by a variety of organizations in the region, including banks, insurers, and financial technology companies. These organizations have achieved a number of benefits from using the platform, including reduced fraud losses, lower claims costs, and faster customer onboarding. With Vesta’s partnership, Provenir's platform helps clients increase approval rates, reduce false positives, and guarantee 100% payment against fraud chargeback.
Voting Criteria :