New Hosted Solution Addresses Critical Visibility Gap to Protect Corporate, Cloud Assets and Reduce Remote Worker Risk
TrapX Security, the global leader in Deception-based cyber defense solutions, today announced the release of TrapX Flex™, the industry’s first Deception-as-a-Service solution created specifically to protect corporate assets from the risks posed by the growth in remote employees and devices.
The massive `work-from-anywhere’ paradigm shift has resulted in a dramatic increase in corporate risk globally. According to a recent Osterman Research survey, 71% of responding IT Managers reported that cyber risk exposure is greater now than it was pre-pandemic due to the expanding remote work environment. Additionally, roughly 68% admitted to not being well prepared for the pandemic or the resulting lockdowns, and a further 60% think 2020 has seen an increase in overall organizational risk.
Security teams and the access points they must protect are now scattered and disconnected, making it even more difficult to identify and stave off threats. Remote employees — many of whom are working away from the office for the first time — are more vulnerable to phishing and other malware attacks, switching between unmanaged personal and corporate devices, and connecting to unsecured personal or public networks every day. Traditional, on-premise security controls are no longer sufficient to keep pace and protect critical assets.
TrapX Flex, powered by patented TrapX technology, delivers all the benefits of Deception without the overhead, reducing cyber risk with a hosted, turnkey platform that provides end-to-end protection and visibility, including:
- Endpoint Fitness Test: a fast, lightweight audit that assesses the state of remote worker endpoints, visualized via an intuitive summary dashboard and heatmap.
- Agentless, Endpoint Lures: Invisible to the end user, VPN credentials, files, browser histories, etc. coax the attacker away from real assets and into emulated traps.
- Cloud and Corporate Traps: Lure attackers to emulated VPN, Internet-facing Cloud traps and Corporate traps. Attackers waste time and share insights into TTPs in exchange for fake information.
- Hosted Security Console: Attack Visualization displays high-fidelity alerts and attack intelligence, giving Security Operations teams valuable, advance visibility into malicious activity.
- 24/7 Monitoring and Analysis: security incidents are monitored by TrapX experts and rapidly identified, investigated, triaged and classified followed by APT & Malware binary analysis; PCAPS, JSON file analysis; Artifacts analysis; and Log analysis using threat and behavioral intelligence.
“Deception is thought of as a technology that is used to protect assets from the inside of a network perimeter,” says Chris Kissel, Research Director of Security and Trust Products at IDC. “With TrapX Flex, IT and Security teams also receive visibility and protection for devices connecting outside of a VPN and often discover shadow IT.”
“The explosion of remote workers has fundamentally changed how enterprises build their strategy, their teams and their culture. It has accelerated digital transformation, bringing well-known challenges such as Shadow IT, BYOD and Cloud security to the forefront,” said Ori Bach, CEO of TrapX. “Most security leaders acknowledge that they’re now exposed to more risk, shining a light on the need for greater surface area coverage and lateral movement visibility in the Cloud and in their corporate networks. In a time of drastic disruption, security teams must embrace these changes and take the fight to the attackers. TrapX Flex is a light, fast, cost-effective option for mitigating New Normal risk while being complementary to conventional security practices, and non-disruptive to both end users and internal security resources.”