3. • Technology is all about Skills, Service and Solutions – Your vendor
should be the same. TekMonks is –
• A full service, fast growing, and highly skilled technology firm.
• Global – with operations across 6 countries, and 3 continents.
• Experience in multiple industry verticals – including Government,
Finance, Health, and Transportation.
TekMonks – Skills, Service and Solutions
5. • Cybersecurity is one of the major challenges for any major organization
today.
• Most hackers these days are from well funded groups, and
well trained in being able to hack various computer systems.
• Firewalls, VPNs, and edge security devices protect internal networks
from intruders.
• But what happens when they are breached? When the hacker is now
inside your network?
Cybersecurity Challenges
6. • The continued, high frequency of successful cyberattacks against today’s
enterprises has made it abundantly clear that traditional,
perimeter-centric security strategies are no longer effective.
• Zero Trust – The model that says we can’t assume our internal
network is not breached. Exact same model applies to cloud, of course.
• External Hackers & Internal Hackers - All the same. All it takes is an external
hacker to install malware on an employee’s laptop or phone to get access to
internal systems, as an internal hacker.
• If a hacker is inside then it is much easier for him or her to crack passwords
and logins for internal applications.
Zero Trust
7. • Traditional Zero Trust model – we will provide access to internal
applications only on an as-needed basis and enforce it. So only
authorized users will have access.
• This is common sense, but what prevents someone who has
already hacked one ID from hacking another one, especially now that
he is inside the trusted environment? He can become the trusted user, to
access sensitive applications.
• True Zero Trust – Assume there is an unwanted hacker with access, trying to
crack into internal applications, fight him pro-actively, instead of depending
on passive measures. This is what LoginCat does.
Zero Trust
8. • Various strategies to crack passwords
• Keyloggers – when they work are the easiest
• Rainbow tables – Hack passwords as a service
• http://project-rainbowcrack.com/table.htm
• 6 TB of rainbow tables; can crack all characters on keyboard
• John the Ripper - http://www.openwall.com/john/
• GPU based cracking - much faster than using CPUs, using massive
parallelization - a home built GPU cluster can crack every Windows
password in less than 6 hours. http://goo.gl/mU5EFB
Just how easy are passwords to hack?
9. • Crackers today are really efficient at breaking passwords.
• Deep Blue Supercomputer - around 1999 - beat Garry Kasparov - 11.38 GFLOPS.
• Samsung Galaxy S7 with Snapdragon 820 packs 498.5 GFLOPS. Your Samsung
smartphone is approximately 44 times faster than the Deep Blue
supercomputer.
• On desktop, Radeon R9 Fury X2 = 17,204 GFLOPS. 1,511 times faster than Deep
Blue.
• Hackers routinely build rigs with up to 25 of these GPUs, which is 430 TeraFLOPS.
https://goo.gl/1nVst6. This is the same power as the Blue Gene supercomputer at
Livermore Nuclear Laboratory, used to simulate nuclear reactions.
• If one thinks passwords are secure because hashing will take a lot of computing
power – one is not living in the reality of 2016.
Just how easy are passwords to hack?
11. • Biometrics and thumbprints? Everything you touch will now contain your password.
This is one of the easiest "security measures" to break. There are at least 7
different currently known ways to defeat this. For example, hackers have shown
simple inkjets can be used to defeat fingerprint based authentication.
• Iris Scanning? Megapixel cameras can steal your Iris patterns.
• Facial Identification? Face masks take care of defeating this security measure.
• Token / RSA? No longer secure. Quantum computers can hack it very easily. US
Government has already abandoned it. MIT has already developed a Quantum
Computer capable of easily hacking RSA.
Issues with other technologies
12. • First we eliminate passwords. We use patented passphrase technology which is
many orders of magnitude safer.
• Pass phrase based authentication – Mathematically proven to be extremely hard
to hack, even with today’s computing speeds.
• We eliminate User IDs as well. No hack targets, zero exposure, zero trust.
• Assume hackers are already active – Built in zero trust based identity manager -
secures existing internal applications and cloud applications against hacking, by
proactively controlling and managing their passwords.
• Deep algorithm based edge security – stops hackers from even trying to attempt a
hack.
• Quantum computing resistant – No use of asymmetric keys which are easily
hacked by Quantum computers.
LoginCat Security – Summary First
14. As the processing speed of computers has increased, passwords are notoriously
easy to hack. 8 character passwords take 15 hours at most to hack these days.
Secure by design – End of Passwords
15. LoginCat exclusively uses pass phrases instead of passwords. Pass phrases are next
to impossible to crack, even with the fastest computers today and tomorrow!
Secure by design – Pass Phrases
16. • Most attempts to hack a User ID start with – knowing a User ID.
• A User ID is like painting a target sign on your back. Hackers gain access
to accounts by repeatedly trying to guess the password for a given User
ID.
• LoginCat eliminates using User ID for logins. This significantly reduces the
area of attack for hackers. There is no target anymore to guess passwords
against.
• Specific user accounts can no longer be targeted for hacking attacks.
Secure by design – End of User ID
17. • LoginCat Manages the User’s Identity across all connected applications.
• For internal and external applications, LoginCat will automatically and frequently change
the associated login credentials (passwords), for example every 4 hours. LoginCat will
automatically generate the toughest passwords possible. This makes it harder to hack the
accounts, while creating a constantly moving target for the hackers.
• LoginCat comes with a built-in SSO solution which works across all major Cloud and
in-house applications. Users no longer need to be aware of their constantly changing
passwords, since LoginCat will log them into the end systems.
• When an application is hacked, LoginCat will either lock out the attackers automatically by
changing the credentials – or detect the hack (if the hacker has locked the account) –
either way preventing damages. The only solution designed to assume hackers are inside.
Secure by design – Password Management
18. • Edge of network security features – both in cloud and appliance form
factors.
• Deep security algorithms – beyond IP firewalls.
LoginCat will analyze incoming login attempts
and ban hackers using AI algorithms.
• Example Algorithms
• Multiple incorrect attempts from same IP
• Pattern analysis of incoming request headers to ban distributed attacks. For example, the same
request headers arriving from multiple IPs with unsuccessful logins will trigger the
DDoS attack prevention monitor.
• Successful login from unknown locations, or locations that don’t match mobile devices.
Secure by design – Edge of network AI based hack detection
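The first two example algorithms on this slide, written as sliding-window rules over login events. This is an added illustration, not LoginCat code; the window, thresholds, header set and sample traffic are assumptions constructed for the example.

```python
import hashlib
from collections import defaultdict, deque

WINDOW = 300          # seconds of history to consider (assumed value)
MAX_FAILS_PER_IP = 5  # failures from one IP before a ban (assumed value)
MIN_IPS_PER_FP = 3    # distinct IPs sharing headers before a flag (assumed value)

def header_fingerprint(headers):
    """Hash the header values a scripted client tends to send unchanged."""
    keys = ("User-Agent", "Accept", "Accept-Language", "Accept-Encoding")
    raw = "\n".join(f"{k}:{headers.get(k, '')}" for k in keys)
    return hashlib.sha256(raw.encode()).hexdigest()[:16]

def detect(events):
    """events: (timestamp, ip, headers, success) tuples sorted by timestamp.
    Returns (banned_ips, flagged_fingerprints)."""
    fails_by_ip = defaultdict(deque)  # ip -> failure timestamps in window
    fails_by_fp = defaultdict(deque)  # fingerprint -> (timestamp, ip) in window
    banned, flagged = set(), set()
    for ts, ip, headers, success in events:
        if success:
            continue  # both heuristics count unsuccessful logins only
        per_ip = fails_by_ip[ip]
        per_ip.append(ts)
        while ts - per_ip[0] > WINDOW:
            per_ip.popleft()
        if len(per_ip) >= MAX_FAILS_PER_IP:
            banned.add(ip)
        fp = header_fingerprint(headers)
        per_fp = fails_by_fp[fp]
        per_fp.append((ts, ip))
        while ts - per_fp[0][0] > WINDOW:
            per_fp.popleft()
        if len({src for _, src in per_fp}) >= MIN_IPS_PER_FP:
            flagged.add(fp)
    return banned, flagged

# Constructed sample traffic (documentation IP ranges, invented headers).
BROWSER = {"User-Agent": "Mozilla/5.0", "Accept": "text/html", "Accept-Language": "en-US"}
SCRIPT = {"User-Agent": "example-client/1.0", "Accept": "*/*"}
SAMPLE = sorted(
    [(t, "203.0.113.7", BROWSER, False) for t in (0, 10, 20, 30, 40)]      # burst, one IP
    + [(100 + i, f"198.51.100.{i}", SCRIPT, False) for i in (1, 2, 3)]     # one failure per IP
    + [(t, "192.0.2.9", {"User-Agent": "other"}, False) for t in range(0, 2000, 400)]  # slow
    + [(50, "192.0.2.50", BROWSER, True)],                                 # normal success
    key=lambda e: e[0],
)

if __name__ == "__main__":
    print(detect(SAMPLE))
```

Header fingerprints are coarse: many legitimate users share one browser build, so a fingerprint flag is better treated as a signal for rate limiting or step-up checks than as an automatic ban.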
19. • All current security token based solutions are prone to Quantum attacks. This is
because technologies like RSA etc. are based on
factorization problems which Quantum computers
can easily solve.
• US Government already requires all authentication
methods to be Quantum resistant as it is believed
that some government based agencies already
have Quantum capabilities.
http://csrc.nist.gov/publications/drafts/nistir-8105/nistir_8105_draft.pdf
• Both the single and two factor authentication methods used in LoginCat are resistant
to being hacked by Quantum computers – as we don’t use Token based
authentication schemes. We are safe today – and ready for tomorrow!
Secure by design – Resistant to Quantum attacks
20. • LoginCat scripting based authentication adapters will work with all your
existing Web based and non-Web based applications.
• No changes needed to existing applications. Do they use MD5? SHA1? They
are already insecure – LoginCat provides the only means to make existing
applications secure and resilient, without code modification.
• We manage the passwords, change them on a daily basis, making your
existing application un-hackable, and quickly detect any hack attempts.
• Appliance or Cloud Based – bring us on premise with an appliance, or run
LoginCat from our hosted cloud.
Easily integrate with your existing applications – Cloud or Appliance
21. • User ID provisioning and instant locking from all internal applications, if
needed.
• Constantly updated – TekMonks will provide firmware updates to include
latest security and AI algorithms to protect against emerging threats.
• Both mobile (iOS and Android) and web based.
• Readily auditable – provides entire audit history of who logged in, when did
someone access an internal application, how long they were active, their IP,
mobile or web based access and even their location!
Other Benefits
23. • A secure by design solution.
• No User ID equals no easy way in. No way to target an individual.
• Pass phrases – mathematically impossible to crack.
• AI based Algorithmic security to stop hackers from even trying.
• Works with all your existing applications – Cloud or Appliance based
solution. The only affordable way to add security to existing applications.
Secure by design, from ground up
24. • Cybersecurity and cyber attacks are the top issues for any government or
corporate IT department.
• Hackers are increasingly professional, well funded and causing billions of
dollars in losses.
• LoginCat provides a secure, easily integrable, managed environment
which is designed ground up to secure existing applications.
Can You Afford Not To?