Search
US UK
Call us

General Enquiries

00 44 845 838 2050

Advanced Threat Protection

Ensuring the right balance of security investment between detection and protection capabilities can help organizations optimize cyber security defenses.

Becrypt help organizations deploy Advanced Threat Protection solutions for endpoint, mobile and cloud environments with independently validated security architectures that provide robust protection, including against advanced attacks.

Becrypt’s endpoint platform based on a secure Linux-based operating system is designed for secure enclaves or high-threat environments. Organizational IT and cyber security resource overhead is reduced by ensuring security events are low-volume and high-value, and automated system patching tracks published vulnerabilities. Reduced event noise simplifies anomaly detection, with tailored security monitoring services is available as a managed service to augment in-house expertise, or for integration into existing security operations, supporting End User Behavior Analytics (EUBA).

For mobile environments, unique network protection for Mobile Device Management servers against advanced threats has been developed in collaboration with government organizations.

Securing the Security Operations Centre

The compromize of a security operations infrastructure could have a disabling effect on an organization’s cyber defenses. Where the value to an adversary is high, such as multi tenancy operations centers, so may be the level of sophistication and stealth that adversaries employ.

With many SOC environments based in large part on browser-based access to platforms and tools, the opportunity exists to adopt a simplified and locked-down endpoint and network architecture that can provide a high degree of assurance in the ongoing integrity of the monitoring environment, ensuring separation of duty between doers and viewers, and removing the possibility of event data leaving a defined customer boundary.

Paradox is a secure Linux-based operating system for end user devices, and has allowed Becrypt to provide high assurance endpoints into government and private sector environments that have needed a high degree of protection. The architecture employed ensures that devices remain in a known healthy state, with high-value low-volume security event information, providing high confidence to those who need to watch the watchers.

Read more about Paradox, our secure operating system designed for secure environment such as SOCs, trading terminals and power user endpoints.


Management Server Protection

Protecting High-Value Mobile Device Management Servers

Organizations that are high-value targets and subject to sophisticated cyber-attacks – such as parts of Government – have become increasingly concerned about the consequences of an MDM server compromise.

An attacker that successfully compromises an MDM server can easily geo-locate managed devices, unlock and modify. Given the opaque nature of encrypted MDM traffic, a trusted but compromized mobile device can send malicious content to a server, in a manner completely hidden from the organization. Additionally, as encrypted MDM traffic remains un-inspected by the majority of MDM platforms, a compromized MDM server can act as a data egress point for attackers.

These challenges result from the characteristics imposed by the smartphone ecosystem. MDM servers have complex communication protocols that interact with several internet-based services, such as push notification systems and online app stores. Usually, these communication channels are authenticated and encrypted end-to-end, preventing them from being inspected for threats.

Therefore, an organisation or its service provider can either open its firewall ports to an MDM server hosted in their most trusted network segment or host the MDM server in a less trusted segment – a ‘DMZ’ of sorts. Ultimately, this equates to either compromizing a secure network, or sacrificing the MDM server. Those that consume MDM as a cloud service have typically just delegated this choice, knowingly or otherwise.

Becrypt has worked in conjunction with cross-domain specialists at the National Cyber Security Centre (NCSC), to build a new security architecture for MDM, which mitigates the risks of such a compromise. Find out more about Becrypt MDM+.

Get in touch with Becrypt today

First name*

Last name*

Email address*

Phone number*

How can we help?*

By submitting your details you are agreeing that we may communicate with you about Becrypt.
I agree to receive marketing updates regarding relevant products and services from Becrypt. Please refer to our Privacy Policy for more information. You can unsubscribe at any time.