Cyber Crucible

Ransomware protection, simplified

Ransomware Prevention

Automated protection for all three stages of a data extortion attack.

  • Protect and prevent: Cyber Crucible co-exists cleanly with your existing endpoint solutions. It configures itself automatically so that it does not conflict with that software.
  • Technical data: We provide deep technical data on security and compliance that can be used by threat hunters, privacy officers, and incident response (IR) personnel.
  • Enhanced accuracy: We give customers the ability to know how an attacker accessed a system, together with critical data on what the attacker did on that system before launching the extortion software.
  • Information: All Cyber Crucible-generated behavioral indicators are available for research and analysis, while notifications and alerts remain timely and rare.
  • Flexibility: Our data is your data. Use our streaming analytics and RESTful interfaces to integrate with your XDR or dashboards, and give your DevOps team the ability to automate the deployment and monitoring of Cyber Crucible agents.
  • Performance: The team has developed novel edge-computing behavioral analytics that provide the speed and resilience needed to make extortion attacks a fully managed risk.
  • Cyber resilience: Automated extortion defense requires a great deal of mistrust and paranoia: attackers are infiltrating trusted applications, users, network devices, and even the operating systems themselves.
  • Data Loss Prevention (DLP): Traditional DLP solutions depend on never-ending data classification efforts that consume nearly unlimited service hours and have proven ineffective.
  • Behavior-based identity theft prevention: The Cyber Crucible team observed that the passwords, cookies, and tokens crucial to network and cloud-based identity access were stolen and misused in every extortion attack it examined.

Self-hosted Appliance

Configure and run your own Cyber Crucible software, including all endpoint security software, all servers, your own web application and database.

What is the Cyber Crucible Appliance made of?

The Appliance contains the following pieces of software:

  • 1 dockerized Spring REST server dedicated to endpoint software communication
  • 1 dockerized Spring REST server dedicated to web application software communication
  • 1 dockerized React.js server
  • 3 dockerized MongoDB servers, as a MongoDB replica set
  • DNS records (unique per appliance for all servers)
  • Kubernetes configuration scripts for all necessary setup and scaling functionality
  • 1 NGINX Ingress Controller for Kubernetes
  • AWS Cognito User Pool & Federated ID (unique per appliance)
  • SSL/TLS certificates (unique per appliance for all servers)

Note: Amazon Cognito is an AWS-hosted service, so the appliance's identity component needs network reachability to AWS endpoints; deployments on disconnected networks, or with data-residency constraints, must plan for that dependency.

Who is the Cyber Crucible Appliance made for?

We've made it easy for almost anyone to start using Cyber Crucible, but especially for:

  • Customers who wish to remain in possession of their data at all stages of processing and storage.
  • Customers with regulatory or compliance requirements necessitating internal control of all data and processing.
  • Customers with networks disconnected from the Internet.
  • Customers whose data protection regulations do not allow data to be stored or processed in the United States.

Zero Trust

Attackers are heavily targeting the trust models underpinning modern IT infrastructures. The more authoritative a program or system is to a network, the greater the opportunity for an attacker to subvert systems dependent on that trustworthiness.

Why is Zero Trust Product Design necessary?

  • Network traffic integrity: Privileged client and server applications (such as security and administration software) depend on network traffic arriving untampered and from its true source (not spoofed).
  • Administrative tools (RMM) integrity: Remote management tools such as Kaseya and ConnectWise are trusted to send legitimate commands on behalf of remote administrators.
  • Active Directory integrity: Active Directory, and peer technologies, are trusted to correctly manage and task users and systems.
  • Application integrity: Applications are trusted to behave as expected given the installed programs, and not to execute third-party (usually malicious) code injected into the process once it is running.
  • User identity integrity: Users and applications presenting tokens, passwords, and keys from normal systems and applications are generally assumed to represent legitimate access.
  • Operating System integrity: Commands and messages from the core (kernel) of an operating system, its most protected section, are trusted to be genuine system management behaviors.
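The network-traffic and RMM integrity points above reduce to one rule for a privileged agent: never act on a command because it arrived on the expected channel, only because it proves where it came from and that it has not been altered or replayed. The following Python is an added example illustrating that rule; it is not Cyber Crucible's code, and the envelope layout, field names, the `mgmt-01` issuer id, the 30-second freshness window and the sample commands are assumptions made for illustration. It uses an HMAC with a per-issuer shared secret so that it runs with only the standard library; for commands issued on an administrator's behalf an asymmetric signature (for example Ed25519) is the stronger choice, since the agent then holds nothing an attacker could steal to forge commands.

```python
import hashlib
import hmac
import json
import secrets
from typing import Dict, Optional, Tuple

# Assumed freshness window: authenticated commands older than this are still
# rejected, which bounds how long a captured command remains usable.
MAX_SKEW_SECONDS = 30


def _canonical(payload: dict) -> bytes:
    """Deterministic encoding so issuer and verifier MAC identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_command(key: bytes, issuer: str, command: dict, now: float,
                 nonce: Optional[str] = None) -> dict:
    """Issuer side: wrap a command in an authenticated envelope.

    The envelope layout (issuer, issued_at, nonce, command, mac) is an
    assumption made for this example, not any product's wire format.
    """
    payload = {
        "issuer": issuer,
        "issued_at": int(now),
        "nonce": nonce or secrets.token_hex(16),
        "command": command,
    }
    mac = hmac.new(key, _canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "mac": mac}


class CommandVerifier:
    """Agent side: accept a command only if it is authentic, fresh and unseen."""

    def __init__(self, keys: Dict[str, bytes], max_skew: int = MAX_SKEW_SECONDS):
        self.keys = keys                  # issuer id -> per-issuer shared secret
        self.max_skew = max_skew
        self.seen: Dict[str, int] = {}    # nonce -> issued_at, for replay detection

    def verify(self, envelope: dict, now: float) -> Tuple[bool, str]:
        payload = envelope.get("payload")
        if not isinstance(payload, dict):
            return False, "malformed"
        # The issuer field is unauthenticated here; it only selects which key
        # to try, and the MAC check below binds it to the rest of the payload.
        key = self.keys.get(payload.get("issuer"))
        if key is None:
            return False, "unknown issuer"
        expected = hmac.new(key, _canonical(payload), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(envelope.get("mac", ""))):
            return False, "bad mac"       # tampered in flight, or not from a key holder
        # Only now are the payload fields trustworthy enough to reason about.
        issued_at = payload.get("issued_at")
        nonce = payload.get("nonce")
        if not isinstance(issued_at, int) or not isinstance(nonce, str):
            return False, "malformed"
        if abs(now - issued_at) > self.max_skew:
            return False, "stale"
        # Drop nonces that have aged out of the window; anything that old is
        # rejected as stale anyway, so the replay cache stays bounded.
        cutoff = now - self.max_skew
        self.seen = {n: t for n, t in self.seen.items() if t >= cutoff}
        if nonce in self.seen:
            return False, "replay"
        self.seen[nonce] = issued_at
        return True, "ok"


def demo() -> Dict[str, str]:
    """Run the cases a zero-trust agent must tell apart; returns each verdict."""
    key = secrets.token_bytes(32)
    attacker_key = secrets.token_bytes(32)   # on-path attacker without the real key
    verifier = CommandVerifier({"mgmt-01": key})
    t0 = 1_700_000_000.0
    isolate = {"op": "isolate_host", "host": "ws-17"}   # constructed sample command

    results = {}
    genuine = sign_command(key, "mgmt-01", isolate, t0)
    results["genuine"] = verifier.verify(genuine, t0 + 1)[1]
    # The same captured envelope sent again a second later.
    results["replay"] = verifier.verify(genuine, t0 + 2)[1]
    # A captured envelope with the command body rewritten in flight.
    tampered = json.loads(json.dumps(genuine))
    tampered["payload"]["command"] = {"op": "disable_agent"}
    results["tampered"] = verifier.verify(tampered, t0 + 1)[1]
    # An envelope forged by a sender claiming to be mgmt-01 without its key.
    spoofed = sign_command(attacker_key, "mgmt-01", {"op": "disable_agent"}, t0)
    results["spoofed"] = verifier.verify(spoofed, t0 + 1)[1]
    # Authentic, but captured long ago (e.g. held until a reboot cleared the cache).
    stale = sign_command(key, "mgmt-01", isolate, t0 - 600)
    results["stale"] = verifier.verify(stale, t0)[1]
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:>9}: {verdict}")
```

The order of checks matters: the MAC is verified before any field is interpreted, so an attacker cannot steer the agent's logic with an unauthenticated timestamp or nonce, and the freshness window both limits the usefulness of a captured command and keeps the replay cache from growing without bound.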