Menlo CEO Amir Ben-Efraim on Beating Highly Evasive ThreatsWhy Network Security Controls Such as Gateways, Firewalls Struggle With New Threats
The latest generation of ransomware and phishing attacks is being designed to evade existing network security controls such as gateways and firewalls, said Menlo Security CEO Amir Ben-Efraim.
Threat actors have taken the time to codify, register and customize URLs to impersonate a bank's help desk and then let the website sit dormant for six months so that it develops a solid reputation from the web filters and URL filtering lists, Ben-Efraim said. Once that website is used in an attack, he said, it can take weeks or even months for the industry to learn the site is actually malicious (see: Zero Trust Network Access: 'Are We There Yet?').
"If I encrypt the file, then by definition, it cannot be inspected," Ben-Efraim said. "So that's a particularly easy form of evasion because a network security product will never be able to inspect an encrypted file."
In this video interview with Information Security Media Group, Ben-Efraim also discussed:
- The most effective defenses against highly evasive threats;
- How browser isolation compares to an enterprise browser;
- What's unique about cloud security needs in North America.
A veteran of internet security, Ben-Efraim co-founded Menlo Security in 2013 to pioneer a new approach. He was vice president of cloud security at Juniper Networks, where he helped define company strategy for securing the virtualized data center as well as public and private clouds. He joined Juniper through its 2011 acquisition of Altor Networks, where he was founder and CEO. Before that, he was an executive at internet security pioneer Check Point Software from 2004 to 2007.