Elastio uses reverse engineering to better understand increasingly sophisticated ransomware | #ransomware | #cybercrime

Ransomware is on the minds of most corporations today, with a big concern about the impact of getting hit on day-to-day operations. Various solutions have emerged to help mitigate those headaches, including when it comes to cloud-native and cloud services.

The operating model in the cloud is much different than it is on-prem, according to Najaf Husain (pictured), founder and chief executive officer of Elastio Software Inc. That means there’s a very different strategy in place when it comes to technologies in the cloud to make things work, scale and be cost-performant for customers.

“We started out with the cloud in mind. All our technologies [are] focused on the cloud,” Husain said. “We work today on Amazon, you’ll see us go to multiple clouds soon — namely Azure, [Google Cloud Platform], the big triumvirate — but that’s where we start. Usually, the personas we focus on are the cloud security folks. Also, the infrastructure people get involved as well because it’s data. So, we’re kind of in between both of them.”

Husain spoke with theCUBE industry analyst John Furrier at the “Cybersecurity” AWS Startup Showcase event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the secret sauce of Elastio’s solutions and technology, along with the problems it aims to solve. (* Disclosure below.)

Knowing what’s in the data

Elastio is available out of the AWS Marketplace and works with a lot of Microsoft Corp. partners currently. The company also has a team that works with customers directly to get them deployed, with the product installed in 10 minutes through a cloud formation template, according to Husain.

“One thing that’s very unique about what we do, everything’s operated in the customer VPC,” he said. “So, it lives in the customer account, so the data never leaves that account. That’s a very important component of the platform.”

When it comes to Elastio’s core technologies, there are several areas at play, including the company’s deep inspection, its data integrity engine, and its ability to finally detect ransomware, malware and corruption inside data, according to Husain.

“That’s not an easy thing to do. When you think of some of the other solutions, where they talk about anomaly detection, that’s a much different value proposition,” he said. “We’re inside that data and looking for very specific ransomware and malware, and we can prescribe exactly what we find. We’ve spent over the last three years reverse engineering over 1,800 ransomware, so we know what they look like.”

The company has built a “very aggressive” machine learning engine that is very fine-tuned to find those compromises. It has also built a storage engine, which it calls a secondary storage engine, with global deduplication built in.

“The purpose of that is so that you can keep retention of those assets at a lower cost, but it gives you threat intelligence over time,” Husain said. “We have post-attack recovery built in. So, we find the compromises; we let customers recover as well.”

Ransomware is a big concern

The big concern is knowing what is going on inside data today, according to Husain. If a company’s data is compromised, that’s a big vulnerability for the enterprise — and if data is compromised and a company doesn’t know about it, that means it gets replicated.

“That means it gets in your backups, so now my backups are compromised. So it’s imperative for companies to know that their data’s not compromised, and if it is, they’d like to know it’s compromised early and often so they can remediate the issue,” he said. “That’s a big threat for businesses now. Ransomware, I mean, these guys are smart. This is an extinction-level event, even for big banks, right? It’s very risky, and these ransomware gangs are very sophisticated now, and they’re enterprise businesses.”

They are like a pyramid scheme, with everyone getting paid if they get a ransom pay, according to Husain. There’s a “deep bench” of these bad guys out there, running around trying to compromise enterprises.

“That’s what we’re here to help [with] and make sure that data stays uncompromised, and make sure that businesses can recover the data when they need it safely,” he stated.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the “Cybersecurity” AWS Startup Showcase event:

(* Disclosure: Elastio Software Inc. sponsored this segment of theCUBE. Neither Elastio nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

Your vote of support is important to us and it helps us keep the content FREE.

One-click below supports our mission to provide free, deep and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy


Source link

National Cyber Security