Company’s Unified Identity Protection Platform Consolidates Security Controls for On-Premises and Cloud Environments to Block Attacks

Boston and Tel Aviv, March 17, 2021 – Silverfort, the unified identity protection company, today announced it has been named a finalist for the Microsoft Security 20/20 Identity Trailblazer award. The company was honored among a global field of industry leaders for demonstrating excellence in innovation, integration, and customer implementation with Microsoft technology.

“Being named a finalist for the Microsoft Security 20/20 Award provides further validation for the value we provide joint customers by unifying identity protection across all their assets,” said Hed Kovetz, CEO and Co-Founder of Silverfort. “Enforcing access management and authentication policies on all resources across hybrid and multi-cloud environments is necessary for implementing Zero Trust security. Silverfort makes this possible by ‘bridging’ any kind of application, server or device into Azure AD, without modifying those assets and without installing proxies.”

The second annual Microsoft Security 20/20 awards to be held May 12, 2021, will celebrate finalists in 18 categories spanning security, compliance, and identity. Silverfort has been nominated as a finalist for Identity Trailblazer.

“The pandemic has forever changed our perspective on the world, the role of technology, and how we work, learn, and live,” said Rani Lofstrom, Senior Product Marketing Manager, Microsoft Global Security Partnerships. “In recognition of our new reality, the theme for the Microsoft Security 20/20 Awards this year is ‘Perspective—Through the Looking Glass.’ The awards ceremony this year will honor our security partners who have gone above and beyond during an unprecedented time of change to support, secure, and protect remote workers everywhere.”

The Microsoft Intelligent Security Association (MISA) was established to help further the security ecosystem, fostering an environment where solution providers can collaborate to create a future that’s safer for people and organizations alike. This year, the industry veterans in MISA will vote to select the winners of the Microsoft Security 20/20 awards, providing an opportunity for colleagues to honor their peers for delivering exceptional work to our shared customers.

About Silverfort

Silverfort is the provider of the first Unified Identity Protection Platform that consolidates IAM security controls across corporate networks and cloud environments to block identity-based attacks. Using innovative agentless and proxyless technology, Silverfort seamlessly integrates with all IAM solutions, unifies their risk analysis and security controls, and extends their coverage to assets that could not be protected until today, such as homegrown and legacy applications, IT infrastructure, file systems, command-line tools, machine-to-machine access and more. The company has been named a Gartner ‘Cool Vendor’, a 451 Research ‘FireStarter’, and a CNBC ‘Upstart 100’. To learn more visit us on the web, and follow us on LinkedIn and Twitter.

Media Contact:
Marc Gendron

Marc Gendron PR for Silverfort

[email protected]

617.877.7480

Silverfort's unified identity protection platform for microsoft azure

Platform Enables Organizations to Centralize Identity and Access Management (IAM) for Cloud and Legacy On-premises Resources on Azure Active Directory, Including Those That Couldn’t be Migrated Before

Boston and Tel Aviv, March 2, 2021 – Silverfort, a unified identity protection company and member of the Microsoft Intelligent Security Association (MISA), announced a new offering that enables organizations to consolidate Identity and Access Management for all their devices, applications and environments on Microsoft Azure Active Directory (Azure AD). This new solution is being showcased during a virtual live session at Microsoft Ignite and follows dozens of enterprise customer wins involving Silverfort’s core platform over the past several months.

The Silverfort Unified Identity Protection platform allows customers to migrate all their hybrid assets, including non-web systems, into Azure AD where they can be centrally managed as if they were modern web applications. This enables organizations to unify security policies, visibility and user experience across all systems and environments, including legacy on-premises resources that do not natively support integration with Azure AD or existing application proxies.

“Identity is becoming the primary security control plane for enterprises, but it’s currently built in silos, lacking unified control and leaving many sensitive assets exposed,” said Hed Kovetz, CEO and Co-Founder of Silverfort. “Azure AD provides advanced IAM visibility and security and Silverfort now extends its coverage far beyond any other IAM solution, enabling unified identity protection. We are excited to collaborate with Microsoft on this solution that we think will benefit every enterprise.”

“Microsoft has been on a mission to help companies protect their corporate identities, and take advantage of Azure AD as a universal identity platform for the modern workforce,” said Sue Bohn, Partner Director, Microsoft Identity Division at Microsoft Corp. “The integration with Silverfort allows customers to extend the power and flexibility of Azure AD to many additional resources and applications across hybrid and multi-cloud environments, and unify their identity management and protection on Azure AD.”

Silverfort uses agentless and proxyless technology to seamlessly connect with IAM solutions across hybrid environments, and automatically discovers and analyzes applications and resources, including those that still rely on passwords and legacy protocols. The platform accelerates and optimizes the migration of all applications to cloud-native identity platforms like Azure AD, while serving as a ‘bridge’ for assets that could not be migrated before, such as:

  • Legacy and homegrown applications
  • IT infrastructure
  • Active Directory managed servers and endpoints
  • Assets that reside on other cloud environments, including multi-cloud
  • File shares and databases
  • Command-line tools and other admin interfaces
  • Machine-to-machine access (service accounts)
  • Industrial and medical systems

Learn more at Microsoft Ignite session 

About Silverfort

Silverfort is the provider of the first Unified Identity Protection Platform that consolidates IAM security controls across corporate networks and cloud environments to block identity-based attacks. Using innovative agentless and proxyless technology, Silverfort seamlessly integrates with all IAM solutions, unifies their risk analysis and security controls, and extends their coverage to assets that could not be protected until today, such as homegrown and legacy applications, IT infrastructure, file systems, command-line tools, machine-to-machine access and more. The company has been named a Gartner ‘Cool Vendor’, a 451 Research ‘FireStarter’, and a CNBC ‘Upstart 100’. To learn more visit us on the web, and follow us on LinkedIn and Twitter.

Media Contact:
Marc Gendron
Marc Gendron PR for Silverfort
[email protected]
781.237.0341

Aleta Jeffress (Status Go Episode 3) returns to discuss what’s changed…and what hasn’t changed in the last two years. Aleta is the Vice President of Consulting Services in the State and Local Government sector for CGI. Aleta discusses the heroic efforts many IT departments made in enabling a remote workforce in the new reality of work from home. Security is always top of mind, never more so than in 2020. We explore some of the recent news of the government hacks and what the future may bring in the areas of security and work from home. Aleta also brings us up to date on the work she has been doing to promote women in technology roles, especially in the area of security. Along the way we discuss a couple of interesting start-ups bringing a new perspective to security and to bias in hiring.  

Discussed in this episode:

Future of Work Webinar 
Silverfort – Next Generation Authentication
InterviewIA – AI analysis of interviewing

The Future of Work, Security and Women in Tech

 

With much thanks to Hed Kovetz, CEO and Co-Founder of Silverfort, Aviva Zacks of Safety Detective learned a lot about what his company does. She found out all about his company’s secure authentication technology.

Safety Detective: Tell me about your cybersecurity journey and what you love about it.

Hed Kovetz: I started my journey in cybersecurity in the Israeli Intelligence Unit 8200 where I was a group leader managing several teams. After that, I worked as a cybersecurity product manager and designed national cybersecurity solutions. Coming up with security solutions that work at a scale of a whole country gave me a good view of what cybersecurity looked like from both the offensive side and the defense side which allowed me to see what some of the challenges were and got me very excited about solving them.

In 2016, I decided to start my own company with two co-founders, Yaron Kassner and Matan Fattal. We decided to focus on the problem of identity protection because we recognized back then that identity is going to be a very crucial component of cybersecurity.

SD: Can you tell me about your motivation for starting your company?

HK: My two co-founders and I wanted to do something in the security of identity and authentication because working for many years in cybersecurity and seeing it from both perspectives showed us that identity and authentication are weak spots in security posture. If someone takes over your identity, steal your password, for example, they can impersonate you and access everything. No security tools would stop them because they are coming through the front door.

We were attracted to this because there are so many different technologies in identity and authentication, but somehow, the percentage of data breaches that leverage compromised credentials is rising year after year. So, it was very interesting to us to find out why this technology is not effective. Why can’t the existing solutions and vendors solve this problem? And why can attackers take over identities and steal credentials so easily?

We started talking to security executives and asking them what is missing. They told us it’s not that these products are not secure enough. The problem is that each of them only covers a small portion of the different identity and access scenarios in an enterprise. These solutions are working in silos—one of them might protect only your web applications, another protects your gateway into your network, another covers the cloud, and another might focus on your privileged users. Each of them only sees a piece of the puzzle, and none of them can really see across all these different users, systems, and environments to effectively apply secure authentication and protect identities in a more holistic and intelligent way across the board.

SD: Tell me about your technology.

HK: We enable identity protection for every user, asset, and environment in a unified way, by consolidating the security controls across the different identity silos, including both cloud and legacy infrastructure. We protect even systems and applications that no other authentication or identity solution can integrate with. With our solution, organizations can extend modern identity and authentication everywhere, and eliminate blind spots and silos.

There are two main things that we do. One is the ability to extend secure authentication and access to any kind of system and close those security and compliance gaps that almost every company has. Many systems just don’t support modern authentication and identity—for example legacy applications, proprietary systems, critical infrastructure, command-line tools, machine-to-machine access and more. Even though companies have been trying to get rid of passwords for many years, it’s very difficult to do so because many systems have their built-in authentication mechanisms, that are based on passwords. Replacing that mechanism system by system is just too complex and sometimes not even possible. Silverfort can seamlessly extend protection to all these different assets without having to modify them. We don’t change them, we don’t install anything on them, and we don’t even put a proxy in front of them.

The second thing which is even more strategic, is that because of this architecture, we can monitor and control authentication and access across all systems and environments. It’s not just about individual assets that you couldn’t protect before, but about applying a unified, risk-based policy across the entire organization: everything from on-premise to cloud, from web applications to infrastructure, including both human access and machine access, both at the perimeter and beyond the perimeter.

SD: How do you stay ahead of the competition?

HK: Our solution is the only one enabling consolidation of identity protection across all users, systems and environments, accelerating migration to modern IAM and eliminating silos that almost every enterprise currently has. We are the only authentication provider that sees the full picture of user access, not just to specific assets or through a particular gateway, but everywhere, which allows us to apply a much more intelligent AI-driven policy. We have all this data that we monitor across the hybrid environment, across all the different silos of identity that exist in organizations today, analyze them with machine learning, understand user and machine access behavior, and then apply dynamic intelligent policies based on the risk level.

There are many authentication and access solutions in the market. The problem is they only see a piece of the puzzle. They only see access of certain users to certain resources. Because of our unique architecture, we can see all of it which allows us to make much more accurate decisions. This also allows us to achieve what we call Identity-Based Zero Trust.

A lot of companies are talking about the Zero Trust approach. In this new perimeterless environment, you can’t assume that users are trusted anymore. You have to verify the identity of the users before you allow them to access anything. Other companies focus on the network aspect, controlling whether someone can connect to something at the network level. We achieve a more holistic protection using an identity-first approach. On the identity level, we look at which user is trying to authenticate, or which user is trying to access which resource. This allows us to effectively achieve a Zero Trust security model without having to install any agents or proxies. It’s a much more holistic approach and a more achievable approach for organizations because they don’t need to change the network architecture with segmentation and proxies or install anything on the user devices or the servers. We can seamlessly monitor every access in the network and the cloud by any user and machine. We analyze it and can dynamically control who can access what, and what level of authentication is needed based on the risk level. Silverfort can provide this because it monitors and analyzes a lot of data about the access activity across all users, systems, and environments.

SD: What verticals use your technology?

HK: We have customers in almost every vertical: financial, telecommunications, energy, manufacturing, healthcare, technology, and more. The need to protect identity and access is a need that every organization has, and it’s only becoming bigger these days where employees are working remotely, from everywhere. They might be accessing sensitive systems and data from insecure devices and insecure networks and accessing the crown jewels of the organization. So, the need to validate their identity, make sure it’s really them, and control what they can access based on the risk is only growing and it’s shared among all companies.

SD: How do you think that the pandemic is going to affect cybersecurity for the future?

HK: I think that the pandemic has changed the threat landscape and, therefore, the way organizations think about security. It has also accelerated a lot of things that were already happening, but moving slowly. I think for many years now, companies have understood that networks are becoming perimeterless and more dynamic. In the past, all your assets were located physically in the office protected by a very clear border, which is called the perimeter, and you could focus on securing that perimeter and make sure nobody is coming in. Most of your employees were inside that perimeter and you could trust them because they are in your network, in your physical office. Nowadays, people connect from anywhere and access resources that might be located anywhere. Employees might be connecting from their home or from the office. Resources might be located in the office or in the cloud. Because networks are becoming hybrid, dynamic and complex, the reality now is that everything is connected to everything. In order to access something sensitive, you don’t always need to pass through a gateway anymore.

In this new reality, companies are starting to wonder where they should implement security controls. If there isn’t a gateway or a perimeter—where to you implement these controls? It almost seems like they need to implement it everywhere, on every device, on every cloud service, on every traditional on-premise asset. This is simply not realistic because we are living in a very dynamic digital environment where things are changing all the time. Assets in the cloud are changing every day without security teams even knowing about it. In this reality, organizations understand they need to take a whole new approach for security that is not just built on protecting the perimeter or protecting individual assets. They need to find a way to protect the connections between users and assets, the way they interact. And this is where identity and authentication play a huge role.

There are a lot of companies that were already in the process of realizing this. The pandemic accelerated this process rapidly. Organizations that were planning to address this over the next few years—now must solve it in a matter of months because they need to allow people to connect from home and access sensitive resources. Otherwise, they can’t do their job. They tried to solve this with existing tools, usually unsuccessfully. So, they started looking for a new security approach and new solutions.

Even though we started the company in 2016, and we didn’t know that this whole process was going to accelerate so much with the pandemic, we knew that this is where things were heading. These are processes that started before the pandemic. They just got accelerated now. And because of that we are seeing fast-growing demand for our solution.

Safety Detectives Blog

 

Boston, Tel Aviv August 4th, 2020 – Silverfort, provider of the industry’s first agentless, proxyless authentication platform, announced today that it has raised $30 million in a Series B investment round. The new funding will allow Silverfort to further accelerate the company’s fast growth and meet the increasing customer demand for secure authentication and access solutions, which is boosted by the global shift to remote work. The financing was led by Aspect Ventures, with participation of Citi Ventures, Maor Investments, and the company’s early investors TLV Partners, StageOne Ventures and Singtel Innov8. Mark Kraynak from Aspect Ventures will be joining Silverfort’s board of directors. This funding round follows a milestone year of growth for Silverfort and brings the total investments in the company to $41.5 million.

“The shift to hybrid and multi-cloud environments, combined with the dramatic acceleration of remote work is driving the need for secure authentication and access of corporate users beyond the perimeter,” said Mark Kraynak, Venture Partner with Aspect Ventures. “Implementing these security controls system-by-system is no longer realistic. Silverfort brings a disruptive technology that is uniquely designed for the perimeter-less era. We are very impressed by the company’s customer traction, leadership and product vision, and excited to help it accelerate its growth.”

“We are proud to support Silverfort as investors, and to see a market leader come out of Citi’s Accelerator program” says Ornit Shinar, Head of Ventures Investments in Citi Israel. “Silverfort’s solution has proven not only to be valuable, but in many cases, a necessity. Especially these days, when millions of people around the world have to work and access corporate resources remotely.”

Silverfort developed an innovative platform that seamlessly enforces secure authentication and access policies (including Multi-Factor Authentication, Risk-Based Authentication, Zero Trust and more) for any user, device and system, both on-premises and in the cloud, without the need to deploy any agents, SDKs or proxies. Its unique architecture allows Silverfort to protect large and complex networks and cloud environments in a unified manner, with an AI-driven risk engine that automatically adjusts policies based on the user’s behavior, and prevents threats such as account takeover, ransomware and lateral movement.

“With the shift to remote working, secure employee authentication and access to company networks and systems have grown increasingly important for enterprises,” said William Woo, Group CIO at Singtel. “However, many large enterprises find it difficult to implement such controls across all their different environments quickly. Silverfort’s innovative solution simplifies this process without requiring system modifications, enabling them to save time and costs.”

Want to know more? Join us on August 25th for a live webinar introducing Silverfort’s Agentless Authentication Platform

Silverfort enables its customers to protect many sensitive systems that other vendors can’t integrate with, such as homegrown/legacy systems, critical infrastructure, file systems, IoT, command-line interfaces, machine-to-machine access and more. Silverfort also allows customers to migrate their existing servers and applications to the cloud in a secure manner without having to modify them.

“We are thrilled to have the support of such great investors who share our vision”, said Hed Kovetz, CEO and Co-Founder of Silverfort. “The increased enterprise adoption of cloud, IoT, BYOD and remote work is creating major challenges for implementing secure authentication and access, and calls for a more unified approach. We are excited to continue on our mission to help more companies leverage identity as their new perimeter, and effectively prevent emerging cyber threats.”

Silverfort was founded by Hed Kovetz, Yaron Kassner and Matan Fattal, cybersecurity and cryptography experts who previously served in the Israeli 8200 elite cyber unit. It has large enterprise customers around the world, and partnerships with top security vendors and channel partners. This additional funding will allow Silverfort to expand its sales, marketing, engineering and customer success teams around the world.

About Silverfort:

Silverfort delivers secure authentication and Zero Trust policies across corporate networks and cloud environments, without deploying any software agents or inline proxies. Using patent-pending technology, Silverfort enables risk-based multi-factor authentication for all sensitive users, devices and resources, including systems that could not be protected until today, such as homegrown applications, IT infrastructure, file systems, machine-to-machine access and more. Silverfort allows organizations to prevent data breaches and achieve compliance, by preventing identity-based attacks across complex, dynamic networks and cloud environments.

The company has been named a Gartner ‘Cool Vendor’, a 451 Research ‘FireStarter’, and a CNBC ‘Upstart 100’, and has received worldwide recognition and awards, including Citi’s Most Promising Fintech Startups for 2020 in the Cybersecurity Category, Most Promising Cybersecurity Startup of the Year by CDM Magazine, and more. Contact us to learn more.

In today’s new world, where nearly everyone is working remotely, passwords just aren’t enough to keep your company’s sensitive assets secure. Check out the full article on Silverfort & CEO, Hed Kovetz, here:

During RSA Conference, we had a chance to connect with Dana Tamir from Silverfort to get the updated Silverfort story. During our chat, Dana points out that enabling secure authentication and zero trust policies without requiring an agent or proxies or software changes should be the primary goal for organizations looking to keep bad actors out while ensuring secure access to those that have been granted authorized access to the business resources.

Listen to the podcast

Hed Kovetz of Silverfort Reviews Holistic Agentless Approach to Secure Authentication

The cyber security world can learn from the physical security world where you need visibility to enforce security policies. Surveillance cameras, for example, have become omnipresent. Wherever we go, we expect cameras to be watching our every move. The intent? To prevent crime, or at least, to identify and apprehend criminals after a crime has been committed. Despite the lack of agreement on whether CCTV cameras truly prevent crime[i], the argument that improved visibility increases detection rates is one that can be applied to cyber security. Full visibility is certainly the first step in identifying all systems and entities on the network which require security control.

For this reason, we have seen a boost in the number of security vendors touting the visibility their products provide. From network scanning to application identification to asset inventory, every product seems to offer a “visibility-first” approach nowadays. However, when it comes to system security and data protection, visibility without policy enforcement feels like an empty promise. Surveillance isn’t the goal; preventing unauthorized and unauthenticated access is. Fortunately, unlike CCTV cameras, with the right security technology deployed, organizations can take action against identified malicious network activity. The key is applying enforcement on every system, regardless of where in the network it is deployed, what type of system it is, or whether it is a purpose-built, proprietary application or off-the-shelf.

While networks of the past may have been easy to track, today’s networking must account for on-premises and virtual data centers, cloud, IoT, BYOD, remote workers, OT, homegrown and legacy applications, and more. This is a lot of ground to cover, and finding then preventing access to sensitive data stores is a major undertaking, especially if the visibility tools and access controls implemented cannot handle modern networking or protocols.

Extensible MFA

Silverfort, an authentication vendor based in Israel, secures authentication to sensitive systems, including those which can’t be secured with traditional agent- and proxy-based authentication technologies. The company was founded by three former members of the 8200 cyber security unit of the Israeli Defense Forces (IDF) to answer the question, “How do I protect assets on which multi-factor authentication (MFA) can’t be installed?” Increasingly, the team watched the market as MFA solutions were exploding, but they didn’t see capabilities for MFA available for many sensitive assets such as legacy/homegrown apps, remote administrative tools, file shares, OT, and IoT. Thus, this is what they built.

The idea behind Silverfort is that visibility and control must be seamless, meaning, organizations shouldn’t have to install proxies or agents on each asset because doing so is impossible in today’s complex and dynamic networks. Further, authentication mechanisms must not change the user workflows. Despite the known security benefits of MFA, adoption remains low; only 30% to “just under” 50% of organizations using MFA (depending on which industry study you read) because users don’t want to perform additional actions or have access to resources delayed— even it equals stronger security.

How it works

Silverfort is deployed as a virtual machine. Every time a user/endpoint or service/resource requests access to a resource, the request is authenticated with an identity store and then routed to Silverfort. One of the benefits of the technology, said Dana Tamir, Silverfort’s VP of Market Strategy, is that Silverfort doesn’t change the way authentication happens.

The policy engine allows the customer to set allow/deny/step-up MFA rules for each asset and every access request, based on circumstance. In other words, Silverfort can be considered a zero trust technology. What’s interesting about Silverfort is that the company plays nicely with other zero trust authentication technologies like Okta, Ping Identity, Duo (Cisco), and Yubico. If a customer already uses a third-party partners MFA solution, Silverfort can act as the policy engine, extending strong authentication to more systems than currently supported. Additional integrations include Palo Alto, Check Point, and Microsoft, ensuring step-up authentication is triggered when an internal security alert is.

The installation process seems simple enough: Tamir said that a simple configuration of the identity stores to forward authentication requests to Silverfort’s virtual machine is needed. The key is the ability to understand the encrypted authentication protocols without decrypting them. Once up and running, the system starts working immediately, though Tamir says most customers set Silverfort to passive mode for approximately 30 days so that “they can see what’s going on, what protocols are in use, and who is communicating with what.” The reason, I suspect, is actually twofold: First, passive mode provides the coveted visibility mentioned at the beginning of this article but does so without applying changes to the customer’s controls. In other words, it’s allowing the customer to grow accustomed to the system. Second, this learning period provides the training data that makes the technology more effective once it’s set to enforcement mode.

Use cases

Tamir shared five uses cases for the product, the most compelling of which, in my opinion, is secure cloud migration. As companies move more resources to the cloud, one major concern is keeping legacy applications and servers secure throughout the process. Silverfort is a Microsoft co-sell partner, helping Microsoft customers safely migrate their systems to Azure—which means that secure authentication, access control, and auditing stay turned on from on-prem to cloud.

Other use cases include securing the use of service accounts, enforcing MFA on privileged access, and monitoring machine-to-machine access. Again, the key here is a form of continuous “surveillance” and protection as companies operate modern networks. It’s ensuring that strong access control is applied for every data repository and sensitive system, regardless of when it was implemented, the authentication protocols used, or where in the network the data reside. It can identify malicious attempts and block them before access is granted.

If any of the aforementioned use cases apply to your organization, give Silverfort a call. They have offices in Europe, Asia, and the US, making it easy to get in touch. And as always, let us know what you think after taking it for a test run.

___________________________________________________________________

[i] https://www.urban.org/sites/default/files/publication/27556/412403-evaluating-the-use-of-public-surveillance-cameras-for-crime-control-and-prevention_0.pdf

Next Page »