Cymmetria, Inc.
| File:Cymmetria Logo 150x150.png | |
| Private company | |
| ISIN | 🆔 |
| Industry | Computer security |
| Founded 📆 | 2014 |
| Founder 👔 | Gadi Evron, Imri Goldberg, Irene Abezgauz |
| Headquarters 🏙️ | Palo Alto, California |
Area served 🗺️ | |
Key people | Gadi Evron(CEO) Imri Goldberg(VP R&D) Irene Abezgauz(VP Product) |
| Products 📟 | MazeRunner |
| Members | |
Number of employees | |
| 🌐 Website | Cymmetria.com |
| 📇 Address | |
| 📞 telephone | |
Cymmetria, Inc. is a private American cyber security company that provides deception based cyber security solutions against advanced cyber threats, such as advanced persistent threats. The company uses proprietary deception technology to detect and disable hackers and cyber threats. Cymmetria's MazeRunner and ActiveSOC empower organizations to hunt attackers making lateral movement inside the perimeter. MazeRunner enables organizations to build effective deception stories, while ActiveSOC automates hunting and IR. With MazeRunner, attackers are unable to make lateral movement undetected. ActiveSOC automates the deployment of deception elements in response to SOC triggers, automatically verifying events; this reduces the number of events that require analyst review, and produces actionable intelligence from otherwise discarded events.
Timeline[edit]
Cymmetria was founded in 2014. Major core investors include Sherpa Capital,[1] Felicis Ventures, Lumia Capital, Seedcamp and Y Combinator.[2] In 2015 the company took part in the Y Combinator Accelerator program.[3] Cymmetria was responsible for the discovery of the 2016 advanced persistent threat, 'Patchwork',[4] which infected 2,500 high-value targets worldwide. Cymmetria released a community version of their platform, MazeRunner, in July 2016.[5]
Technology[edit]
Cymmetria's product, MazeRunner, gives organizations a platform for creating deception stories. The organization creates realistic environments for hunting cyber attackers, and Cymmetria puts decoy virtual machines on its networks which house real software and real information. They also leave "digital breadcrumbs" in other places like passwords and documents that might lead the hacker to the MazeRunner platform. If an attacker accesses a decoy or breadcrumb, the client can immediately see them and their toolset.[6]
Patchwork APT[edit]
In July 2016, Cymmetria researchers discovered and revealed the cyber attack dubbed 'Patchwork,' which compromised an estimated 2500 corporate and government agencies using code stolen from GitHub and the Dark Web. Examples of weapons used are an exploit for the Sandworm vulnerability (CVE-2014-4114), a compiled AutoIt script, and UAC bypass code dubbed UACME. Targets are believed to be mainly military and political assignments around Southeast Asia and the South China Sea.[7][4]
See also[edit]
References[edit]
- ↑ "Dark Reading (15 Nov 2015)".
- ↑ Natasha Lomas (27 Jun 2015). "YC-Backed Cymmetria Uses Virtual Machines To Decoy And Detect Hackers". CrunchBase.
- ↑ Y Combinator (29 Jun 2015). "Cymmetria (YC S15) Uses Virtual Machines To Decoy And Detect Hackers". Y Combinator.
- ↑ 4.0 4.1 Spring, Tom (7 July 2016). "APT Group 'Patchwork' Cuts-and-Pastes a Potent Attack". Threatpost. Retrieved 2 January 2017.
- ↑ "Cymmetria Releases Free Community Version of Innovative Cyber Deception Solution for Hunting Attackers". Dark Reading. 13 Jul 2016.
- ↑ Tech Insider http://www.techinsider.io/cymettria-cyber-deception-2016-7
- ↑ Pauli, Darren. "Copy paste slacker hackers pop corp locks in ode to stolen code". The Register.
External links[edit]
 |
Wikimedia Commons has media related to Cymmetria. |
This article "Cymmetria" is from Wikipedia. The list of its authors can be seen in its historical. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.
