woman-with-smart-glasses

Scaling out technology, vast experience, for actionable cybersecurity insight

Watchtwr, a cybersecurity startup based in Singapore, seems to have gotten to the essence of every organisation’s cybersecurity nightmare. It could be summed up in a question, albeit a big question, which goes something like this:

New vulnerabilities would appear too frequently and be exploited too quickly for relatively slow security audits to make any sense. How does Watchtwr help address this?

Ben Harrison, founder and CEO tackled the question by breaking it down into their years of experience breaking into organisations, and their solution’s current ability to capture and analyse data which has gotten significantly more advanced than it used to be ten years ago.

He said, “And so by combining true expert offensive security capability, with our ability to understand data and interpret data very, very rapidly, we’ve built out a pipeline as part of our technology that gives us that kind of real time continuous analysis of an organisation’s attack surface.”

New vulnerabilities would appear too frequently and be exploited too quickly for relatively slow security audits to make any sense. How does Watchtwr help address this?

It’s a combination of using advanced cybersecurity technologies, which requires expert cybersecurity personnel to, “… tune, mold, and adapt the technology so that it is constantly relevant and up-to-date,” he explained.

Data-intensive insights at scale

This is a data-intensive approach which churns out huge amounts of data every day. “We work with some of the world’s largest financial institutions and the attack surfaces that we have to look after, are vast,” shared Ben.

“Technology helps in ingesting all the data and analysing it, ultimately doing all the leg work and heavy lifting and data analysis, at scale.”

According to him also, it’s expert skills and experience fuel the technology however to understand what attackers are doing and more accurately assess the true attack surface.

In other words, their approach is able to distill all the cybersecurity alarms and alerts and notifications, into true insight that organisations can actually act upon.

Algorithm

Having spent years red-teaming to test organisations’ defenses, gives Watchtwr unique insight into how adversaries think.

“We have built a piece of technology that acts as a framework, that we can very easily plug insight into and scale this out to all of our clients,” Ben said.

Taking all those years of systematically infiltrating defenses and identifying vulnerabilities, has allowed Watchtwr to ‘mindmap’ up a framework with expanded and detailed processes, which is then embedded into their technology solution.

Having spent years red-teaming to test organisations’ defenses, gives Watchtwr unique insight into how adversaries think.

Ben explained, “Clients typically view us as a penetration testing solution, but (one which is) continuous and driven by scalable technology.

“Penetration testing itself is a very consultation- driven activity that is  (powered) by humans,” he said.

After assessing what exists in the market, Watchtwr was ideated when Ben realised (the industry) had to take good human insights that are always updated and apply it to good technology.

“What happens is that expert insight can then be scaled out to more clients that can benefit from it.”

Attack surface management

Watchtwr is different from a security operations centre (SOC) solution, by virtue of being proactively looking for flaws, Gartner has also defined solutions like Watchtwr’s as being ‘emerging’.

He opined that in today’s age and realm of cybersecurity, (existing solutions’) approaches no longer give the value or understanding (of attacks) that they used to.

“Gartner has defined an extremely broad space in the market as attack surface management,” Ben said adding they are in talks with the research company to make definition of the space a little bit more succinct and precise.

He opined that in today’s age and realm of cybersecurity, (existing solutions’) approaches no longer give the value or understanding (of attacks) that they used to.

Ben concluded, “For us, we are focused on what are these pain points faced by these businesses that are highly targeted by adversaries.”