BlastWave announces BlastShield, an all-in-one SDP solution that combines infrastructure cloaking and passwordless multi-factor authentication (MFA) for identity-based secure remote network access for organizations who’ve adopted a zero trust security model.
BlastShield enables organizations to hide on-premise and cloud workloads from outsiders and insider threats, concealing an organization’s infrastructure from cyberattacks through software-defined microsegmentation without modifications to existing network fabric and hardware. Using passwordless MFA, BlastShield prevents account takeovers while combining the SDP capabilities of asset cloaking to hide an organization’s infrastructure from cyberattacks.
With today’s businesses being exposed to a newly expanded attack surface created by hybrid work, a cultural shift in coordinated cyberattacks is taking place. “Data is everywhere. We’ve seen attacks become ubiquitous across critical infrastructure — from energy, utilities, food supply and healthcare. In the past year, nine out of ten data breaches are the result of accidental threats caused from weak passwords, phishing, and lack of patch and vulnerability management,” said Alissa Knight, cybersecurity influencer and ethical hacker, Knight Ink.
Knight adds, “BlastWave offers a unified stack that combines passwordless MFA, secure remote access, and microsegmentation in a single solution that enables zero trust applications and network access. You can’t hack what you can’t see. What I appreciate about the value BlastShield brings, is its focus on identity-based authentication and authorization that helps prevent even accidental threats, but also secures partner connections from the recent wave of breaches we’ve seen in the supply chain.”
BlastShield secures against multiple steps in the cyber kill chain
BlastShield solves the three most critical steps in the cyber kill chain for an attacker: (1) account takeover; (2) lateral movement; and (3) remote access compromise. By disrupting the adversarial decision-making process, the mean time to detection (MTTD) and mean time to response (MTTR) can be greatly reduced, lowering the cost of a breach and potential for data compromise.
Companies are attempting to thwart these attacks using multiple-point solutions that offer a specific security control for a specific threat and create more complexity and cost for Chief Information Security Officers (CISOs). BlastShield utilizes a three-pronged approach to help CISOs prevent cyber-attacks in many cases and reduce the “blast radius” of breaches in others.
The software-defined solution provides an all-in-one-zero trust stack that eliminates VPN costs and resource requirements (secure remote access), eliminates passwords to prevent account takeover (ATO) attacks (passwordless MFA), and implements software-defined microsegmentation (SDP) to fragment a company’s flat network into secure enclaves preventing lateral movement in the event of a compromise.
The patented peer-to-peer solution deploys in minutes for a frictionless integration for IT and requires virtually no configuration or change to the network fabric or hardware. Once deployed, BlastShield provides real-time segmentation and access control management across the network.
“We took the time to speak with our partners and customers, asking CISOs and CTOs about security attacks and threats they were experiencing and why current solutions were not working,” said Tom Sego, Co-Founder and CEO, BlastWave.
“Networks are becoming more complicated and diverse. Homes are becoming part of the corporate network, and more devices are getting IP addresses. Cybercriminals love this complexity as they can leverage a wider array of attack vectors. Traditional remote management solutions haven’t kept up with this evolution, which explains the explosion in ransomware and cyber-attacks over the past few years and exodus away from legacy VPNs and flat networks.”
Sego added, “With BlastShield, we apply both a zero trust framework and simplicity for users and administrators to eliminate and reduce human error and the most common threats. As an example, our authentication process is similar to Apple Pay. It’s quick, easy and extremely secure for users without the hassle and risk of dealing with passwords.”
BlastShield can be deployed on virtual machines, cloud, X86 platforms or as a host agent. It utilizes ultra-lightweight, software-based protective gateways and automatically bonds with “peers” to form an invisible peer-to-peer fabric. BlastShield renders protected assets and applications invisible to attackers and cannot be detected by network scanning technologies. BlastWave currently has eight customers and dozens of Proof of Concept (PoC) trials.