Javelin Founder Abutbul on WannaCry

Abutbul

By: R. Scott Raynovich


Once again, the world is being woken up with a major security crisis, with the WannaCry ransomware virus shutting down business operations, equipment, and even hospitals worldwide. WannaCry is now reported to have touched more than 150 countries and to have caused as much as $4 billion in damage, according to U.S. News & World Report.

It was a good time to check in with Roi Abutbul, the Founder and CEO of Javelin Networks, a security startup. Abutbul is a security and computer networking veteran, having served in the OFEK, the Israeli air force tech unit.

In February, Javelin raised a $5 million Series-A financing round -- led by RSL Capital; Hillsven Capital; UpWest Labs; Tomer Weingarten, CEO of SentinelOne; and other private investors -- which will be used to fuel the startup's development and growth. Javelin has offices in Tel Aviv and Palo Alto, Calif.

Futuriom: High-profile IT security breaches seem to be becoming bigger than ever. Is it getting harder to secure a network or IT resource?

Abutbul: The industry has improved dramatically in last 10 years -- the research community is more collaborative, vendors have faster and more efficient response teams, the general public is more aware and educated -- but on the same note, our industry is obsessively focused on defending endpoints, application, cloud, mobile devices, network, etc. However, the one element that still has remained unprotected since 1999 is the (Microsoft Windows) Active Directory, which is used in 9 out of 10 companies around the world and exposed by design.

Futuriom: Everybody is using the term Artificial Intelligence (AI) these days. And now the security regulators say they are applying AI. Can you tell us exactly why?

Abutbul: Security's main goal is to differentiate between good and bad, but that's not the end of it; they need to digest a huge amount of data, from multiple sources, and all the time. Using AI in the right way could help close the gap save time and resources for the corporate.

Futuriom: The WannaCry ransomware appears to have spooked everybody -- now reportedly striking more than 150 countries. What's different about this attack?

Abutbul: The main difference about this attack is the fact it managed to self-propagate itself internally, from within the corporate (infrastructure), without the need for any user intervention (i.e. downloaded file, infected website, etc.). Nearly a perfect crime, “you got a foothold on one machine, you got them all."

Futuriom: Our research shows that IT security experts are increasingly stressed about the challenges of protecting IT assets and confused by the number of security tools that now exist. Do you think things are going to get any better for them?

Abutbul: The number of options that exist today is a blessing, and the fact that there is a lot to choose from is not supposed to disrupt the IT security experts as long as they balance their defense strategy and strive to protect all IT elements equally -- the computers, the servers, the network, mobile devices, applications, and Active Directory, which is the heart of every corporation.

Futuriom: There are now more than 400 IT security startups, according to Futuriom research. Tell us how you differentiate Javelin Networks.

Abutbul: There are 400 startups that obsessively focus on protecting the endpoint (AV, Next-gen AV, EDR, isolation), the network, the mobile devices, etc., but practically none of them is protecting the commonly used technology that has been in 9 out of 10 corporations for 17 years and managing almost 100 percent of the corporate computers: the Active Directory (AD). Everybody knows what AD means for the corporate, but not what it means for attackers. We have created the AD Protect platform to protect the AD, responding automatically to an incident and containing the breach without the need to change any of the IT infrastructures, install agents, or monitor traffic.