Armis opens platform that warns in real time against cyberattacks

“We are now at the doorstep of something we have never seen – global cyber warfare, which does not happen in the dark, but right on the surface,” says Nadir Izrael, co-founder and CTO of Armis.

 Cyber attack (photo credit: INGIMAGE)
Cyber attack
(photo credit: INGIMAGE)

Cybersecurity company Armis has opened a smart cloud-based platform, which builds an organizational map and protects and warns in real time against attempted cyberattacks.

“We are now at the doorstep of something we have never seen – global cyber warfare, which does not happen in the dark, but right on the surface,” says Nadir Izrael, co-founder and CTO of Armis.

“In recent years, many companies have had to change their perception regarding their level of security,” explains Izrael. “Technology has advanced rapidly, and many businesses and organizations that were used to working with local infrastructure and a few devices connected to the internet now have hundreds of thousands of connected devices (IoT) and operate on external infrastructure in the cloud.

“From a situation where everything is physical and connected via cables, they have moved to a situation where much of their work is virtual, and a good attacker needs just one weak point to penetrate.”

“Technology has advanced rapidly, and many businesses and organizations that were used to working with local infrastructure and a few devices connected to the internet now have hundreds of thousands of connected devices (IoT) and operate on external infrastructure in the cloud."

Nadir Izrael

Armis was founded in 2015 by Izrael, a graduate of the IDF’s 8200 unit, and Yevgeny Dibrov, company CEO, a graduate of the technological unit 81 in the IDF’s special operations unit. The company provides a platform that creates a clear map of all connected devices, which can be monitored and employed to prevent attacks.

 NADIR IZRAEL, co-founder and CTO of Armis. (credit: ARMIS) NADIR IZRAEL, co-founder and CTO of Armis. (credit: ARMIS)

The company’s unique cloud-based platform grants the ability to study the devices and various threats in real time – and to update accordingly. In accordance with the data acquired, the company will, in real time, update its security levels for protection of its customers. In addition, the platform is designed so that it can implement additional technologies and third-party features through collaborations.

“Our view is that you need to be aware of all the processes that are happening in your organization and that everything will be spread out on a map,” Izrael says. “Most organizations do not have this, and the map must contain all the elements that you may encounter, including network equipment and related devices that connect to the network.

“For example, the map of a company that makes chocolate should include the offices, factories and all the equipment of the network and back office communications, including their data center. The platform builds an organized map for them that allows the security teams to manage the organizational security campaign on this map.

“Once we have the map, the processes of the organization are managed on it,” Izrael explains. “That way, you can prevent any threat that pops up in real time. Security teams like to handle events themselves, but there are parts of the platform that work autonomously or semi-autonomously. The system itself sits in the cloud and is accessed from a browser.

“We connect to the company’s systems, but stop the attacks before it reaches them. Everything is diagnosed and stopped in the cloud. Our environment monitors over 2 billion devices worldwide and is constantly learning. That way, we can create a threat model in real time and distribute this model to all our customers simultaneously.”

A major change

Izrael explains that, in recent years, the global threat map has undergone a major change – which began in 2017 with a series of cyberattacks carried out by Russia against Ukraine. These attacks affected the whole world, causing the shutdown of entire industries. One of the victims of the attack was the American food manufacturer giant Mondelez, which was forced to halt production at the cost of hundreds of millions of shekels.

“People don’t think that someone wants to attack a company that produces chocolate,” says Izrael. “And because of that [way of] thinking, they didn’t invest sufficiently in cyberdefense. What they realized in the wake of the attack, like other companies, is that you don’t have to be the target to be harmed by cyberwarfare. Since all your devices are connected to a network, one attack can affect several concerns and can cause serious damage.

“At the end of the day, cyberwarfare has become the most asymmetrical, cost-effective weapon that countries can use,” Izrael notes. “At the moment, we have received an extension for a few months because Russia is engaged in the war in Ukraine, but once it’s over, we’ll hear about a new attack almost every day. If in the early 2000s, we suffered from terrorism, today cyberwarfare is the most convenient way for countries to conduct warfare, especially when there are so many organizations that would be happy to accept responsibility in place of the country that has carried out the attack.

“There is an understanding in the West that security needs to be strengthened, but until recently, the perception regarding company security was that they needed protection to arrest criminals, but not countries. They told themselves if a country wanted to attack them, it could happen, but that’s an incorrect perception. One must raise the levels of defense to protect against cyberattacks from countries, and that requires a fundamental change.”

Armis has grown significantly since it was founded six and a half years ago. The number of its employees has jumped to over 600, of which 250 are based in Israel. While most of its operations are in the US, where it works with global companies on the Fortune 100 list, it has already spread throughout the world and works with organizations in Europe and in the East.

In November 2021, the company raised $300 million at a valuation of $3.4 billion. The company estimates that it will cross the $100m threshold in revenue this year and will likely go public over the next three years.

The company has a talented research team that has reported several discoveries and weaknesses, including the discovery of three critical zero-day vulnerabilities affecting tens of millions of devices around the world.

Armis researchers have shown how they can make such devices smoke and even catch fire, demonstrating the possibility of physical damage through a cybersecurity vulnerability. According to Armis data, almost 8 out of 10 companies are exposed to TLStorm vulnerabilities.

In light of the geopolitical landscape and the situation in Ukraine, these sorts of exploits could have grievous implications. FBI and DHS cyber officials have urged critical infrastructure sectors to patch all systems and report anything unusual, no matter how small, putting organizations on high alert.

Armis has also announced the disclosure of five critical vulnerabilities, known as TLStorm 2.0, in the implementation of TLS communications in multiple models of network switches. The new TLStorm 2.0 research exposes vulnerabilities that could allow an attacker to take full control over network switches used in airports, hospitals, hotels, and other organizations worldwide.

Armis, which initially focused on the security of special environments and critical infrastructures (such as factories and hospitals), currently covers all services and industries. Today, the company is looking for strategic partnerships to enhance the Israeli ecosystem in the cyber field.

“The fact that we started from complex work environments, such as hospitals, provided us with a significant advantage in the ability to give a detailed picture when dealing with an organization, which has many levels,” says Izrael. “Our goal is to continue to grow, build and develop the platform that we have built and to do it from here, as part of the Israeli ecosystem.

“We are always looking at acquisitions of companies and technologies, whether it is something that can be connected as a source of information or additional layers that can process information or provide a new service. We are an ambitious company and aim to be global leaders in the field. We do not provide a specific solution to a particular problem.

“Rather, we provide a breathing, learning platform,” Izrael explains. “And my goal is to be among the top four technologies of any organization in the world – a tool that allows them to manage the cyber system in the most efficient and quiet way possible. Our line of thinking is that we can be a blue and white company, based in Israel, that can compete with the large American companies, because at the end of the day, the talent is here.”

Translated by Alan Rosenbaum.