In The Boardroom With...
Mr. Guy Caspi
Chief Executive Officer
Updated April 2017
Spring has Sprung – A CISO’s Guidelines for Organizational Spring Cleaning
Winter is finally over and spring is in the air. If you’re like us and prefer warmer days, in preparation for spring, we compiled a CISO’s checklist. Throw your broom away and replace it with a pen and paper to be sure you’re following these guidelines.
Next-Generation Security Survey report: Guide for Endpoint Security Consumers and Vendors
The endpoint security market is highly competitive and vendors are divided into two camps: prevention and detection promotion.
The primary differentiator between prevention vs. detection is the pre-compromise vs. post-compromise approach.
While the two approaches meet different specific needs, there is general disagreement on which approach is better overall.
This research identifies as many vendors in the endpoint protection space as possible, enabling the research participants and readers decide for themselves whether they’ve heard or used the solutions, and if the solutions meet the provided definition of an NGES solution.
On-Demand Webinar: The Malware Battleground 2017
Watch as our head of cyber intelligence, Shimon N. Oren, walks us through the newest malware concepts and campaigns that will shape this year’s playground between hackers and the cyber-industry. In this webinar you will learn about: 2016 in retrospective, 2017 – Trends and predictions, Implication for Cybersecurity leaders.
Deep Instinct Key Innovator- Endpoint Detection and Report by MarketsandMarkets
The Endpoint Detection and Response (EDR) market size is estimated to grow tremendously by 2021, at an estimated Compound Annual Growth Rate (CAGR) of 25.0%. The base year considered for the study is 2015 and the market size estimated is from 2016 to 2021. The full report defines, describes, and forecasts the Endpoint Detection and Response market on the basis of components, enforcement points, deployment modes, organization size, industry verticals, and regions.
SecuritySolutionsWatch.com: Thank you for joining us today, Guy, at this very exciting time in the growth of Deep Instinct. Before discussing today’s cybersecurity threat environment and Deep Instinct solutions in greater detail, please tell us about your background. May we also have a brief company history?
Guy Caspi: I’ve utilized my advanced degrees in Mathematics, Machine Learning and Business to apply mathematics and machine learning in a technology elite unit of the Israel Defense Forces (IDF), as well as in financial institutions and intelligence organizations around the world. Over the past two decades, I’ve led some of the largest government cyber and Big Data projects in Israel and other countries.
Founded in 2014, and out of stealth mode since November 2015, Deep Instinct is the first company to apply deep learning to cybersecurity. With offices in Tel Aviv, Israel and in North America, we now have 65 employees.
Our company has a winning combination of people who have the academic knowledge and credentials, paired with unique experiences in cybersecurity gained through years in the intelligence and elite units that focused on cyber- attacks. We adopt the mindset of hackers in order to be prepared for all vulnerabilities. In addition, Deep Instinct's dedicated deep learning research group is headed by one of the leading researchers in the field of computational intelligence. Moreover, the company has a highly-experienced management team that leverages its cybersecurity and academic backgrounds to carry out a successful product that offers an effective solution to address a critical need in the industry.
SecuritySolutionsWatch.com: One will read on your site that Deep Instinct is, The First Company To Apply Deep Learning To Cybersecuriy” Please give us an overview of how Deep Instinct works.
Guy Caspi: Deep Instinct’s core technology is deep learning, which is an advanced branch of artificial intelligence (AI). Deep learning is inspired by the brain's ability to learn: once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial brain learns to detect any type of cyber threat, its prediction capabilities become instinctive. Deep learning has exhibited groundbreaking results when applied to computer vision, speech, and text understanding and we are the first company to apply it to the cybersecurity domain. In cybersecurity, there a big need for solutions that can protect against brand new (zero-day) threats in real-time – a critical issue that causes great vulnerabilities to almost every business.
Deep learning is complex and its application has a very high barrier entry because the neural networks are comprised of tens of hundreds of layers and the mathematics required to create such layers is extremely difficult. Even once this hurdle is passed, the implementation of running massive data sets using GPUs (Graphic User Interface) is not an easy feat. Moreover, creating a deep learning-based technology that can run as an on-device client requires great expertise that raises the bar even higher. The few companies that have demonstrated these capabilities have mostly been acquired by giants, such as Google, Facebook and Salesforce. Furthermore, Deep Instinct does not use open source deep learning libraries but instead, has created its own.
SecuritySolutionsWatch.com: What are the major benefits with respect to detection, prevention, accuracy, ease of deployment and other features.
Guy Caspi: Deep Instinct offers a unique solution of prevention, which includes blocking malware before it is activated and can cause harm. Many new solutions on the market can only offer detection and prevention once the business has been infected, but we can detect and prevent before any damage occurs. By way of analogy, if a business were a person and the malicious attack were poison, other cybersecurity vendors need the person to first touch the poisonous object to then they can act and prevent the poison from spreading throughout the body. From Deep Instinct’s perspective, we can tell the person not to touch the poisonous object in the first place because we immediately identified it as harmful.
Moreover, Deep Instinct focuses on unknown threats and APT (Advanced Persistent Threat) attacks whether they are in a file-less manner or already existing in the system. Instead of waiting for the next unexpected attack, the next unknown attack is identified and blocked in real-time before any harm can occur. The ability to offer immediate prevention extends beyond a network or Internet connection by covering the device even when it is not connected to them.
Furthermore, our detection rates are substantially higher that existing solutions on the market. This unprecedented accuracy in predicting unknown cyber threats is enabled by the application of proprietary deep learning algorithms. Deep learning’s capabilities of identifying malware from any data source results in comprehensive protection on any device, platform, and operating system, filling in gaps by providing complete solutions. Finally, deployment is fast and seamless and the solution’s operations do not affect the user experience.
SecuritySolutionsWatch.com: The bad guys come in many forms; foreign governments, sophisticated hacker groups, and sometimes…the “insider”. And, unfortunately, the daily headlines about DropBox, Dyn, LinkedIn, OVH and Yahoo remind us how vulnerable we are in today’ constant threat environment. What is your perspective, Guy, regarding the unique value proposition that Deep Instinct delivers in today’s cybersecurity environment?
Guy Caspi: We’ve established Deep Instinct for two main reasons: First, we noticed a gap in the market as many existing cybersecurity companies have data security in their DNA but they solely provide alerts on attacks rather than block them. Beyond the issue of false alerts, receiving logs and logs of data on alerts and threats doesn’t solve the problem. It might have been sufficient in the past, but it is impractical for meeting the bottom-line needs of organizations which is now focused on blocking attacks.
Threat prevention that focuses on sandboxing and behavioral analysis doesn’t necessarily solve the problem because the degree of sophistication of the malware continues to increase. Deep Instinct was established to prevent the attack before any harm can happen.
Secondly, we wanted to develop a product that would protect the most vulnerable areas of an organization: unknown threats and attacks that are most difficult to block in real-time. In today’s cybersecurity landscape, it’s clear that you cannot protect an organization just by locking the door. Deep Instinct protects the endpoints, the servers and the mobile devices: the last line of defense that is most important to the organization. The door, window, and the fence will always be broken into but the safe must be unbreakable. We protect the safe against any attackers, especially new and sophisticated ones.
Furthermore, our objective is not to bring a minor improvement in detection, but to substantially increase the protection rate. To deliver proper protection, you must be able to handle threats and attacks that you’ve never seen before, on the spot. This is our core competence as deep learning enables this capability. We train our neural networks in a unique way, leveraging our deep learning expertise and our elite research team that hails from the top research military units.
In terms of our positioning in today’s crowded cybersecurity landscape, we see great potential in partnering with EDR/AV vendors mainly because our go-to-market is based on augmentation rather than replacement of other solutions that protect the end points from known threats.
SecuritySolutionsWatch.com: Congratulations on the recognition from Gartner and other industry voices regarding Deep Instinct solutions – care to elaborate?
Guy Caspi: Deep Instinct was named by Gartner, Inc. as a Cool Vendor in Digital Workplace Security. Each year, Gartner identifies new “Cool Vendors” in key technology areas and publishes a series of annual reports assessing these emerging companies, their products and services. Helping prospective companies separate hype from value, Gartner’s recognition of “Cool Vendors” not only reflects up and coming technologies that are innovating and impactful, but separates hype from true value.
Deep Instinct was also mentioned as a sample vendor in Gartner’s Hype Cycle for Application Security, 2016 report. The purpose of the Hype Cycle report is to help IT and security leaders ensure the detection of application vulnerabilities and protection against application-level attacks. This Hype Cycle illustrates the progress of technologies in this market space, which ranges from emerging technologies to mature ones. In addition, we were named a representative vendor in Gartner’s Market Guide for Mobile Threat Defense Solutions, a report that reviews current malware and mobile threat defense solutions available on the market, and recommends how security leaders should use them. Additionally, Deep Instinct was mentioned as a sample vendor in Gartner’s Hype Cycle for Mobile Security, 2016.
These prestigious references come in addition to citations in Gartner’s following reports: Comparison of Endpoint Detection and Response Technologies and Solutions in June, Comparing Endpoint Technologies for Malware Protection in March, and Gartner’s Magic Quadrant for Endpoint Protection Platforms in February. The mentioning in Gartner’s Magic Quadrant for Endpoint Protection Platforms was only three months after we came out of stealth mode.
Moreover, Deep Instinct has been recognized by Dark Reading at Black Hat USA as the most innovative startup that has been in the industry for three years or less and is exhibiting groundbreaking ideas on IT security that have the potential to change the way enterprises approach security issues and how the industry thinks about information security. We are honored by this prestigious recognition because it showcases our relentless drive for innovation in our abilities to apply deep learning to cybersecurity and empowering enterprises' cybersecurity capabilities with instinctive, real-time protection from the next unexpected attack.
We believe that our unique technology – being the only company that offers a truly agnostic solution that covers mobile, endpoints and network, as well as successful implementation with clients and impressive results in independent testing – merits the attention we are receiving from the industry.
SecuritySolutionsWatch.com The Deep Instinct White Paper: A Comprehensive Guide for Sophisticated Ransomware Variants could not be more timely and important in today’s environment. Care to give us an overview of the major highlights?
Guy Caspi: There’s no doubt businesses are an appealing target for ransomware attackers, as seen in numerous major attacks this past year. However, we’re starting to encounter more sophisticated variants than the classic Crypto ransomware, presenting corporate-oriented capabilities. We expect to come across more unusual ransomware types targeting organizations. Our whitepaper is the result of Deep Instinct’s detailed research into classic and unique ransomware families. Our research provides a thorough understanding of the workings of the different types of ransomware and offers a solid foundation for developing protective measures in the organization to avoid falling victim to this type of cyber-attack.
The whitepaper also sets out a thorough analysis of the potential evolution of this cyber-attack method. We expect to see the following trends developing in ransomware: ransomware that wipes out the data instead of encrypting it; ransomware that denies access to the entire operating system, rather than just to specific files; as well as ones that prevent the operating system from booting by overwriting the MBR (Master Boot Record). Furthermore, ransomware families targeting enterprises are likely to have different variants for each operating system, or even be cross-platform. Nowadays, the majority of ransomware families target only the Windows operating system. However, in the future, ransomware attackers will probably be able to hit every server, client, mobile device, or any other network component in the organization, leaving no uninfected endpoint, and no recoverable backups. Another trend we expect to see is a severe ransomware attack that will target industrial networks, not necessarily by encrypting files but by simply disrupting activity, which could cause electric, water, gas, or nuclear utilities to shut down until the ransom is paid. Readers are welcome to download Deep Instinct’s ransomware whitepaper here.
SecuritySolutionsWatch.com: Is a demo available for potential new customers?
Guy Caspi: We are happy to offer demos to analysts, prospects, journalists and anyone interested in learning more about our innovative approach and groundbreaking cybersecurity solution. Readers interested in seeing a demo are welcome to visit our website at: www.deepinstinct.com and click on the “Book a demo” button where they can submit their details and we will contact them to schedule a demo.
SecuritySolutionsWatch.com: Thank you again Guy for joining us today...are there any other subjects you would like to discuss?
Guy Caspi: This past year, as we have gone out of stealth mode, we‘ve had very positive traction in North America, APAC, and EMEA. In the upcoming year, our focus will be on growing our footprint in the market, reaching new customers across the globe in robust markets, as well as continue with our brand awareness efforts. We are also planning on expanding our product by adding new defense vectors in addition to our existing solutions: endpoints, servers and mobile. Last but not least, we are very excited about the third and largest office that we will be opening in Boston early 2017.
In terms of the industry, we are witnessing transformations in the cybersecurity world and within network architecture, and we plan on adapting to and meeting the security needs that arise from these evolving changes. Last, but not least, we will focus on raising awareness about the growing cyber risks in the mobile market, emphasizing how this new threat vector must be protected.
The cybersecurity market is one of constant innovations. It is the hottest market and therein lies its beauty. We need to constantly rethink the way we combat cyber-attacks and we believe that Deep Instinct is in the avant garde of this mission.