BluSapphire | Intelligent Cyber Defense

Industries

Industry Use Cases

Banking & Finance (BFSI)

 
 
 

Case Study

A large public sector banking organization in the APAC region was unaware of a major network breach by a malicious program that was using the SIP/VoIP network as a C&C and data transfer channel.

Consequence

Distributed denial-of-service (DDoS) attack, Data Compromise, Deleting or Encrypting data in order to carry out an extortion scheme.

Response

The banking client wasn’t aware of the breach until they started a BluSapphire Proof-Of-Concept on their premises. Once the BluSapphire sensors were online, they quickly picked up anomalous activity on the SIP channels. On investigation, the BluSapphire team found that a Threat Actor from a very interested country was exploring and maintaining control over the client’s network over SIP channels that were usually left open. The compromised conferencing equipment was being used to jump onto the client’s network, as the client did not have strict segmentation/ACLs between the VoIP and Data VLANs.

BluSapphire is a true watchdog, sniffing network traffic, monitoring endpoint activity and understanding behavioral patterns in real time. Our multi-vector engine ensures that every anomaly is analysed effectively. Its Advanced Behavioral engine keeps track of unusual activity within the network and alerts on any suspicious user behavior patterns.

Built on Machine Learning, Predictive Analytics, Behavioral Analysis and Artificial Intelligence (AI) techniques, we can detect an attack and stop it in milliseconds instead of days and weeks. Our Automated Agentless Response can respond to threats in real time, compared to the weeks and months it takes to do this manually.

 
 
“Our cyber-detection capabilities increased drastically. Agentless Quarantine has improved our response times”
— CTO, Large Investment Firm in NYC
 

Retail

 
 

Case Study

A premier retail aggregator was breached, and data was exfiltrated from their network without their notice.

Consequence

Loss of Data, Data Breach, Reputation Loss

Response

BluSapphire was called in for a Proof-Of-Concept. The system was brought online over a weekend, and BluSapphire immediately alerted on DNS tunneling activity. BluSapphire’s multi-vector platform alerts on network, flow, system, endpoint and user-based activity. Using BluGenie, our quick agentless Response & Remediation module, we were able to identify the source of the exfiltration, the malicious process and the user accounts that were compromised. Based on the indicators gathered, BluSapphire’s agentless hunt module was quickly able to identify multiple infected systems spread across three geographic locations in a matter of minutes. Normally this kind of response takes weeks to accomplish. The BluSapphire Unified Cyber Defense Platform was able to deliver results in minutes.

When you are compromised, every minute counts. Don’t play catch-up. BluSapphire’s Unified Cyber Defense Platform with Intelligent Agentless Automated Response detects zero-days, ransomware and APT activity in real time and protects organizations’ assets.

 
 

Solution Integrator

 
 

Case Study

A large exchange-listed Solution Integrator (SI) running Offshore Development Centers (ODCs) for multiple clients was hit with a ransomware attack and was looking for security solutions to protect against and prevent such attacks.

Consequence

Data Compromise, Reputation Loss, Deleting or Encrypting data in order to carry out an extortion scheme.

Response

BluSapphire was called in for a Breach Assessment (Proof-Of-Concept). The BluSapphire platform was deployed in a couple of days across the client’s geographic locations with a limited scope. Immediately on deployment, BluSapphire noticed unsolicited C&C activity that had not been seen before by any Threat Intel, and narrowed it down to a few systems on the network. BluGenie, BluSapphire’s agentless response system, was able to pinpoint the source processes of the malicious activity and identified an unauthorized BITS task (persistence). Using the Agentless Hunt, we were able to quickly identify and narrow down the infected systems on the network, fingerprint the Threat Actor, identify artifacts and quarantine these systems across their geographic locations. In this case, the client’s network was compromised and the infection had spread into their Offshore Development Centers (ODCs).

BluSapphire is a multi-vector cyber defense platform that combines multiple layers of Machine Learning and Predictive Analytics with Sandboxing for in-depth Network and Endpoint Behavior analysis. Attackers today are constantly building new tools and techniques to perform a hack.

Being in the Race OR being simply ahead; We Think & Respond Where Attackers STOP!

 

Education

 
 

Use Case

A premier education institution in APAC lost its membership and was blacklisted by a leading research and publishing organization, as attackers ‘used’ the institution’s network to download research papers from the research and publishing organization’s server via botnet activity.

Consequence

Data Compromise, Reputation Loss, Deleting or Encrypting data in order to carry out an extortion scheme.

Response

BluSapphire is a multidimensional cybersecurity platform that not only utilizes the power of Machine Learning models but also leverages Sandboxing for in-depth Network Behaviour and pattern analysis. Attackers today are constantly building new tools and techniques to perform a hack.

Being in the Race OR being simply ahead; We Think & Respond Where Attackers STOP!

 
 
“Our research is now no one else’s property. We now have a security platform with which we can detect, and automatically respond to, a threat without human intervention.”
— Dean, Premier Educational Institute in India
 

Manufacturing

 
 
 

Case Study

A $28B+ construction company, one of the world’s top 10, had a compromised web server. This company owns a large number of construction companies that use this platform for financial processing. BluSapphire was called in for evaluation post-incident.

Consequence

Denial Of Service, Loss of Competitive Advantage, Data Compromise, Reputation Loss

Response

The BluSapphire Unified Cyber Defense Platform was deployed in a day, and almost immediately we noticed that the ransomware incident wasn’t even the tip of the iceberg. We noticed that the attacker had left a backdoor on already open VNC ports using “PoshCat”. He also moved laterally between the servers in the network using stolen credentials. He left multiple persistence artifacts across different servers, in case one of his access methods was compromised. BluSapphire’s ML-based algorithms quickly mapped out the attacker’s C&C infrastructure, thereby also revealing all attacker-controlled systems.

Use Case 2

A country’s economy is crippled if its power grid or oil network is down for just a day, and the scenario is far more catastrophic if the outage is the result of a cyber-attack, which may fuel the geopolitical situation.

In the current scenario, a threat looms large over the operations of the oil & gas, utility and manufacturing industries, since SCADA control networks, which are the heart and soul of operations control, are sets of legacy systems that are as old as 30 years. The operating systems on such machines are already outdated and hence no longer receive patch upgrades. Third-party patch installations are not permitted on these systems, to ensure the OEM warranty is not voided. This situation creates a huge vulnerability that an attacker would leverage.

Consequence

Economy Loss, Data Compromise, Reputation Loss, Threat to Mankind.

Response

BluSapphire’s Intelligent Cyber Defense system has the capability to operate independently in air-gapped networks. Our reliance on our advanced Machine Learning models and Predictive Data Analytics helps us detect threats and stop them where the competition fails.

BluSapphire’s agentless response is an excellent choice for these legacy environments, where installing an agent is not feasible or practical and/or voids the manufacturer’s warranty. BluSapphire’s Intelligent Agentless Response Automation mechanism is capable of responding to and remediating threats without any additional dependencies. This uniquely fits SCADA and air-gapped networks.

 

Pharma

 

Use Case

Pharma companies hold extremely valuable Intellectual Property. Apart from that, drug lifecycle management invites intense scrutiny from the FDA and other regulatory authorities. Any system, hardware or software, connected with drug lifecycle management undergoes a thorough validation process as mandated by regulatory bodies.

Introducing any change in this environment invites a complete revalidation of the environment, which is extremely expensive in terms of resources and time. This makes them a prime target for attackers, as these systems also often hold valuable information that an attacker can use to cause harm.

Consequence

Economy Loss, IP/Data Compromise, Immense Reputation Loss, Loss of Competitive advantage, Regulatory penalties.

Response

BluSapphire’s agentless response and remediation is an excellent option for these systems, as it does not require any agent to be installed. This helps organizations avoid an expensive deployment cycle followed by a resource-intensive validation cycle. The BluSapphire system can be implemented in a day, and CIOs can protect these validated environments without being intrusive.

 