Airbus brings enterprise level APT protection
Airbus Defence and Space launches new security solutions at GISEC
Airbus Defence and Space CyberSecurity has launched a suite of new security solutions aimed at helping government and large enterprise customers to combat advanced persistent threats, during the GISEC security expo.
The company, a dedicated subsidiary of the Airbus Group, said it is bringing the solutions to the Middle East to help protect critical national infrastructure such as energy facilities, from cyber attack.
The two solutions launched at GISEC are the Keelback APT detection and prevention solution, and StormShield endpoint protection.
Keelback combines signature tracking and detection technologies to monitor for unusual behaviour on a network. The solution uses an online knowledge base of known threats to block them, as well as providing countermeasure data from security professionals to be able to take action.
StormShield is an end point protection solution designed to protect workstations and servers from threats, including zero-day threats. The solution uses a Host-based Intrusion Prevention System (HIPS) which delivers a high degree of kernel-level protection against a range of risks.
Guy Meguer, Airbus Defence and Space general manager in Middle East for CyberSecurity said: "Our innovation is focused on delivering security without compromise to companies of all sizes against ever more frequent and prominent attacks, including APTs. Our solutions provide the highest standards of reliability and ensure that the most sensitive information can be adequately protected against security breaches."
Meguer said that the company is looking for a larger slice of the regional cyber security market, which he said will be worth $23bn in the next decade. Airbus Defence and Space CyberSecurity will target it's ‘legacy' government and semi-government customers, as well as critical national infrastructure - energy, utilities, oil & gas - and the financial sector.
The company aims to build its IT security business through its reputation as the wider Airbus group, and through the strength of its portfolio and systems integration expertise, Megeur said.
"When you are talking about state security, protecting national assets, you are talking about trust - we are one of the trusted companies that the government are talking to, because of our experience and what we have done in other areas.
"Second, we have field-proven experience and have delivered many projects in the region and worldwide. The third aspect is the comprehensiveness of our portfolio. We have a lot of assets, going from encryption, to identity management, to security operations centres, appliances, firewalls, intrusion detection.
"Part of our DNA is that we are an integration company. We are capable of integrating whatever the customers have as a legacy system, together with the most advanced technologies on the market, and what we don't have in the portfolio we take from our partners. All these make our offer unique," he added.
Discussing the StormShield solution, Francois Lavaste, CEO of Arkoon and Netasq, two subsidiaries of Airbus Defence & Space's Cybersecurity unit, said that the system is not just a standalone solution, but offers a range of built in options such as anti-virus and USB port control. The solution has also proven itself in testing, he added.
"It is very easy to protect against known attacks, you build signatures, you update your signature system and you are protected. It is very difficult to protect against unknown attacks, advanced attacks or zero day attacks as they are called," Lavaste said.
"StormShield was built with that in mind. What makes it unique is its track record and its efficiency. FOr the past year we have been monitoring all the vulnerabilities that have been used by hackers to penetrate systems, especially Windows-based systems. There are hundreds of these vulnerabilities used by hackers in the past 12 months. We monitored each single one, and identified the most critical ones - of these critical vulnerabilities, StormShield blocked - without an update, without signature updates, without modification - one hundred percent of those used by hackers."