Concentric AI announced the industry's first
deep-learning driven detection capabilities to find any type of hardcoded
secrets and key credentials (e.g. API keys, encryption keys, tokens, passwords,
etc.) in today's most popular enterprise on-premise and cloud data
repositories, as well as email and messaging applications.
As a result, these updates to Concentric AI's Semantic
Intelligence DSPM solution enable security teams to address risks to sensitive
data by deleting this information and reducing the threat of malware attacks
that can result in lateral movement and potential loss of sensitive data.
"Recent data breaches have involved attackers looking for
authentication credentials once inside the network to gain access to sensitive
information and steal data. This capability offered by Concentric AI helps us
detect instances of these credentials, such as secrets and keys lying around in
our data repositories and clean them up. This allows us to significantly reduce
our data attack risk surface and prevent data loss," said a CISO of a Fortune
1000 high tech company.
New capabilities such as Generative AI have made spear
phishing attacks more sophisticated by making it easier to trick employees into
clicking on harmful links or downloading malicious attachments, leaving
enterprises more vulnerable to a compromise. Once malware and attackers
successfully compromise a network, they can search for and discover secrets and
keys for access to applications in vast amounts of unstructured data. Gaining
access to secrets and keys to repositories including SharePoint, Google Drive,
Github, SSH, S3, Box, BiTBucket, and Windows File Systems gives attackers
access to sensitive IP such as source code, private client information, and critical
financial data.
Uniquely utilizing Deep Learning and Natural Language
Processing (NLP), Concentric AI's Semantic Intelligence detects secrets and
keys for a wide variety of applications embedded in unstructured data within
today's most popular on-premise and enterprise cloud data repositories, as well
as email and messaging applications. This unique capability of being able to
scan repositories and use NLP to identify secrets and keys without using static
rules or fixed regex patterns is an industry first - organizations lack this
ability today because detection of these secrets and keys embedded within data
repositories is extremely difficult and it's impossible to write rules or regex
patterns to address this threat without significant false positives and
negatives. The use of Deep Learning and NLP from Concentric AI allows for high
fidelity detection with minimal false positives and negatives.
"Today Concentric AI is introducing a critical data security
capability that is unmatched in the industry and important for all
organizations as they work to prevent more advanced cybersecurity threats,"
said Karthik Krishnan, Founder and CEO, Concentric AI. "Being the only company to leverage Deep Learning and
NLP to address security issues of secrets and keys hidden in unstructured data
gives Concentric AI the advantage in enabling organizations to prevent lateral
movement of attackers and malware and ensure that sensitive data is protected.
This is a huge win for all organizations with sensitive data in the battle to
protect information from loss against sophisticated attacks."
Detection of secrets and keys beyond unstructured data is
important because employees often leave secrets embedded within enterprise
collaboration and email/messaging applications for easy access and sharing with
other employees. However, a hack into these systems allows attackers to rapidly
move around the network, gaining access to applications and sensitive data and
rendering an enterprise vulnerable to data loss.
Concentric AI's DSPM solution scans organizations' data,
detects sensitive or business critical content, identifies the most appropriate
classification category, and automatically tags the data. Concentric AI uses
artificial intelligence (AI) to improve discovery and classification accuracy
and efficiency to avoid endless regex rules and inaccurate end user labeling.
In addition, Concentric AI can monitor and autonomously identify risk to
financial and other data from inappropriate permissioning, wrong entitlements,
risky sharing, and unauthorized access. It can automatically remediate
permissions and sharing issues or leverage other security solutions and cloud
APIs to quickly and continuously protect exposed data.
Concentric AI's Semantic Intelligence automates
unstructured and structured data security using deep learning to
categorize data, uncover business criticality and reduce risk. Its Risk
Distance analysis technology uses the baseline security practices observed for
each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from
oversharing, third-party access, wrong location, or misclassification.
Organizations benefit from the expertise of content owners without intrusive
classification mandates, with no rules, regex, or policy maintenance needed.
Availability and Pricing
Concentric
AI's latest version of Semantic Intelligence with detections for secrets and
keys is available today.