Psagot Investment House deploys groundbreaking cyber security platform

“We know how to provide a response, not only to a company’s network, but also to real-time transaction systems."

DECEMBER 14, 2016 04:26

TRAPX CO-FOUNDER and chief technology officer Yuval Malachi. (photo credit: TRAPX SECURITY) — TRAPX CO-FOUNDER and chief technology officer Yuval Malachi.

(photo credit: TRAPX SECURITY)

Cyber security company TrapX announced on Monday that Israel’s Psagot Investment has embedded the company’s groundbreaking security platform into its systems.

TrapX, which was founded by Israelis, is now headquartered in San Mateo, California, but the company’s development center is in Tel Aviv. It calls itself the global pioneer in deception technology-based cyber security solutions. The company recently launched a first-ofits- kind protection platform for the international payment network of bank-to-bank money transfers known as SWIFT.

“Psagot ran a competition of sorts, in which our product was embedded into their data networks along with three other companies’ cyber security products,” TrapX co-founder and CTO Yuval Malachi told The Jerusalem Post. “Psagot then commissioned two different third-party tests of their networks, in which hackers attempt to break their system, as well as one test by the Finance Ministry. We were the only company that withstood all three tests perfectly, our platform was the only one that discovered and alerted every single attack attempt.”

The Psagot Investment House is one of the most well-known financial institutions in Israel, and the country’s largest pension fund manager. It belongs to the London- based international equity giant, Apex Partners, and manages approximately NIS 190 billion in assets, including most of Israel’s pensions.

With the worldwide rise in the frequency of cyber attacks directed at financial institutions, Psagot decided to upgrade its cyber security systems, and TrapX was up for the challenge.

“When we started our journey in 2012, we were the first and only company that dealt with deception- based solutions,” Malachi said. “Today, there are about six or five other companies in the field that hopped on the deception tech bandwagon.”

Today, TrapX has more than 80 employees in branches in the United States, the United Kingdom and in Israel. The company claims that most of their clients can be found in the Forbes Global 2000 list of top public companies.

“We have more than 200 paying clients all over the world, including in Israel where we dominate the deception-based tech solutions,” said Malachi.

Deception-based solutions deceive attackers into thinking they are attacking an asset, while they are actually being diverted into a trap.

The system is designed to confuse cyber criminals at all phases of an attack.

TrapX’s trademarked Deception- Grid platform utilizes the age old “bait-and-switch” tactic of security and defense. The platform deploys an integrated array of decoys and “breadcrumbs” that provide visibility into ongoing attacks, while luring attackers away from the valuable assets. In other words, it creates a clone of a company’s digital assets and creates an algorithm that draws attackers to the decoy rather than to the real thing.

If a company has 20 workstations with Windows 2010, TrapX will create another 20 such stations that are fake, but still lure an attacker away from the real stations. Any activity from the “lightest” reconnaissance attempt to advanced breaches is contained, recorded and alerted, enabling immediate remediation by the company’s information security team.

“Moreover, the hackers who tested Psagot never even realized that they were attacking a decoy, a simulacrum, and that they did not even enter the actual Psagot network. They had no idea that they were interacting with a trap,” Malachi said.

What makes the DeceptionGrid platform groundbreaking, is that it does not require the clients to install anything on their physical servers, or to make any physical alterations to the digital architecture of their networks. TrapX creates the artificial constructs – whether they are operating systems, workstations, databases, routers or anything necessary – virtually, on the local area network and on the cloud.

“This is especially important for the bigger international corporations that have hundreds of thousands of computer stations to defend, and an installation process of traditional platforms can take months or a year, depending on the company’s size. Our deployment is immediate” Malachi explained.

He said it was the virtual and non-physical nature of their platform that allowed it to be the firstof- its-kind protection for SWIFT transactions.

“We know how to provide a response, not only to a company’s network, but also to real-time transaction systems. Most of the transactions between banks and with the World Bank happen through the SWIFT network. But due to regulations and high risk, SWIFT doesn’t allow any vendor to install anything on its servers, therefore they must have a ‘floating’ solution that doesn’t grant vendors access to their servers or necessitate banks to make any physical changes to their architecture,” he explained.