Alberto Pelliccione, CEO
Metaphorically speaking, the threat landscape and the cybersecurity realm are engaged in an intense cat-and-mouse game, with evolving role changes, sophisticated arsenals, and defense mechanisms. To this end, the enterprise arena, unfortunately, has been witness and victim to unprecedented levels of damages. Threat actors are innovative and the past year has seen an increase in the so-called fileless attacks. Also they’re changing strategy and aiming at attacking the supply-chain as it provides a great way to amplify their attacks. All these factors must be taken into consideration while opting new technologies that help organizations to identify attacks and vulnerabilities, and reduce the discovery time. In such a scenario, automation plays a big role as cybersecurity resources become scarcer, and the amount of data for processing grows, making protection and remediation, a herculean task for security teams. In the enterprise security battleground of the black and the white hat armies, ReaQta stands tall with a bright white hat.
It is true that companies often have basic security setup in place: firewalls, IDS/IPS, and antivirus, but they usually lack visibility on the endpoints, and in turn, they lack proper means to run threat hunting and identify anomalous behaviors. To this end, ReaQta, offers the “missing link” by providing full and continuous visibility, top-of-the-line threat hunting capabilities, through an automated system that understands the endpoint’s behavior and identifies anomalies that have a direct security impact. “By moving up in the technology stack we help our customers understand high-level information such as the TTPs (tactics, techniques, and procedures) in order to help them track an attacker and better understand their modus operandi,” mentions Alberto Pelliccione, CEO of ReaQta.
At the core of ReaQta’s AI-based security offering is NanoOS, which is capable of analyzing/monitoring endpoints at an individual (single device) level and a cluster level.
We help our customers understand high-level information such as the TTPs (tactics, techniques, and procedures) in order to help them track an attacker and better understand their modus operandi
From an integration standpoint, it positions swiftly between the hardware and software of the clients’ infrastructure, which ultimately gives it a bird’s eye view on endpoints for behavioral and threat analysis. The unique positioning also makes it hard for perpetrators to gain access to and shut the system. In terms of scalability, as Pelliccione mentions, ReaQta can scale up to 5000 endpoints in an hour. On the infrastructure visibility front, ReaQta’s intuitive dashboard makes endpoint device scrutiny as easy as using a search engine. The NanoOS stack can instantly hunt and notify infrastructure anomalies, activities, and past and present threats. Depending on the business requirements, security teams can create custom detection, protection, and response scenarios. In effect, the built-in automation and alert capabilities proactively take away the need for human intervention to a great extent.
The success story of one of their clients best exemplifies ReaQta’s value proposition. The customer operated hundreds of large ships equipped with a considerable amount of machines that ran on very limited bandwidth. Many ships had infected endpoints, which turned out to be a profitable exploit for pirates and thieves. “We deployed a special version of our solution capable of working on very low bandwidth channels adding visibility over a plethora of devices across the fleet that would have otherwise gone unmonitored for months,” recalls Pelliccione.
The company’s clients range from financial players to entities that run mission-critical infrastructures—those players who deploy a large number of “tangible” devices. To further grow their market reach and presence while serving companies who can’t afford full-fledged security teams, ReaQta’s has also licensed the sale and servicing of their offering to managed security providers (MSP). Looking ahead, the company plans to accelerate their enablement of MSPs to expand in the European and Asian markets aggressively.