GVX Consulting global - TECHNOLOGIES


Harmony - Our Integrated Cyber Defense Platform

Harmony enables CISOs to shift focus to proactive “management by objectives” through high-level executable security policies. These policies define organizational security and compliance objectives as well as cyber risk appetite. This “policy as code” approach facilitates coordination, reporting, and separation of concerns between different stakeholders in cyber defense, compliance and risk

management. Orchestra executable policies utilize existing cyber technology anchors for existing “silos”, add new cyber innovations as needed and provide cross-silo mitigation enforced directly by Orchestra. Policies also provide a basis for the metrics, reporting, and processes of continuous improvement. Orchestra’s platform addresses three major roadblocks that make it difficult to manage cybersecurity:

  1. Fragmented technologies using different paradigms for each slice of the cybersecurity puzzle leading to cyber stacks of between 10-120 different technologies.
  2. Lack of standard metrics to measure, manage and benchmark cyber defense. This is crucial to drive efficiency, effectiveness and continuous improvement.
  3. Constant change is now the norm for business and IT. Cybersecurity requires constant tuning of the trade-offs between shifting IT\Business needs and cyber risk.

Harmony platform provides an integrated approach to defining, managing and operationalizing security objectives through high-level executable security policies. Orchestra’s initial focus is on continuous, adaptive, risk-based left-of-bang security.

Our Fraud Detection and Authentication Solution

Our mobile fraud detection and frictionless authentication solution is a combination of a lightweight SDK, and a powerful, analytics-based backend risk engine. Using multiple and unique data-gathering intelligence sets, our solution can decisively identify fraud/no-fraud transactions in milliseconds. 

Organizations benefit from regulations and best practices driving organizational security posture, rather than just as a checklist for assessment. Orchestra integrates regulations, best practices, threats, incidents, alerts, and processes as first-class citizens of cyber defense.
Security teams benefit from integrated operational security, cyber risk monitoring, and compliance providing the coverage metrics needed for continuous policy improvement.

Harmony - Internet of Things Security

As billions of things, from phones and TVs to watches and lightbulbs, become smart and connected, enterprises everywhere become less secure. The reality is these devices are creating openings that can be exploited by attackers to eavesdrop, steal data and compromise your ongoing business operations.

How? It’s really a combination of design and opportunity. Many of these devices are built with convenience, not security, in mind, so they often have vulnerable interfaces, unprotected storage, hardcoded backdoors, unencrypted communications, and insecure pairing procedures that can be exploited. They also typically communicate over the “air”, via open hotspots, unmanaged or public wireless networks, and peer-to-peer (P2P) wireless connections, so they are completely invisible to your traditional enterprise management and security systems.

Harmony IoT shuts down these attack openings, giving you total visibility into all IoT activity and protecting you from IoT and wireless-born attacks.

Total Visibility to your Airspace

Harmony IoT continuously monitors and analyzes all the smart connected devices in your airspace.

The moment any device enters your airspace, it is identified and tracked, so you know exactly what’s happening at all times. In addition, Harmony IoT compares what a device IS doing, with what it SHOULD be doing. These comparisons are based on the simultaneous analysis of a variety of parameters, including the device type – Harmony IoT has the largest database of wireless computing devices and activities in the world – attributes (who owns it, where it’s coming from, when it’s connecting), and other learned behaviors.

Proactive Threat Detection

Harmony IoT accurately identifies vulnerabilities and threats from smart connected devices active in your environment.

Uniquely combines positive detection, which looks at how a device should be behaving, with negative detection capabilities, which identify known attack behaviors, to produce high fidelity alerts that allow you to quickly understand and address any risks in your environment. Harmony IoT’s cutting edge data science approach pinpoints misconfigurations, software bugs and other vulnerabilities in the environment that need to be addressed, as well as zero-day threats coming from smart connected devices.

Real-Time Attack Mitigation

Harmony IoT automatically prevents malicious IoT activity and policy violations, in real-time, to keep your business going.

Interrupts or disconnects wireless connections to prevent data transfers and isolate threats in your environment. Harmony IoT can also enforce IoT policies that align with your business and compliance objectives. For example, Harmony IoT can ensure guests can’t connect to internal assets or devices can’t be connected to wired and wireless networks simultaneously. The detailed, actionable information on the IoT activity in your environment can be integrated to improve the intelligence and effectiveness of your overall security infrastructure.

How it Works

It’s quick and simple to add Harmony IoT defenses to your cybersecurity infrastructure to get the visibility and protection you need for the activity of smart connected devices in your environment. Small, non-intrusive Harmony IoT Smart Protectors can be deployed anywhere within your sites to protect your surrounding airspace. The Harmony IoT Cloud Service analyzes metadata collected by the Smart Protectors and pushes down policies and threat mitigation to keep your critical assets safe.

Smart Protectors

  • Continuously detects and monitors all smart connected devices
  • Deploy the sensors throughout your environment to get a clear understanding of what’s going on in your airspace
  • Operates completely independently, out-of-band, so there are no agent or updates to worry about

Cloud Services

  • Applies proprietary artificial intelligence (Al), which combines machine learning algorithms and big data science, to continuously learn about your environment and profile all your smart connected devices.
  • Pinpoints malicious activities and threats.
  • Initiates automated mitigation responses, when appropriate (per policy).

The Difference of Harmony IoT

24/7 Monitoring

Using advanced algorithms working around the clock, Harmony IoT is constantly learning about your environment and fine-tuning defenses to give you the best protection possible.

Simple Deployment

No access to your networks or your assets is required. The Harmony IoT Smart Protectors are completely independent and out-of-band.

Complete Coverage

Harmony IoT Smart Protectors can be strategically placed around your organization to deliver maximum coverage of your wireless airspace - when it enters, we will see it!

Accurate Detection

Thanks to the unique combination of positive and negative detection and proprietary machine learning algorithms, Harmony IoT produces high fidelity alerts that pinpoint malicious IoT activity and policy violations.

Zero Touch

Cutting-edge auto-mitigation techniques mean human intervention is only needed in the most extreme circumstances.

SOC Integration

Our solution easily integrates with the most popular SIEM systems around to give you visibility and control over IoT from anywhere.

Harmony Purple

Harmony Purple is an automated blue team and red team combination to ensure that your cybersecurity controls are the most effective. Harmony Purple layers its patented attack path scenario engine on top of your existing cyber capabilities.

Harmony Purple continuously analyzes your security posture to prioritize the most effective ways to minimize your cyber risks. Harmony Purple provides any size company with next-generation security tools that were previously only available to the largest companies.

Harmony Purple Pro

Harmony Purple Pro is the workhorse of the product suite. It is a patented autonomous machine-based penetration test which initially scans the networks, its assets, its vulnerabilities and then takes the next step to map out and validate all the routes a hacker could take to reach your critical assets and business processes. Much like the process a human penetration tester would follow, but continuously and at a much larger scale and scope.

Harmony Purple Enterprise

Harmony Purple Enterprise manages several Harmony Purple Pros. This is great for larger organizations with global networks who wish to gain insights on global Attack Path Scenarios ™ between their branches, each using a different Harmony Purple machine. Harmony Purple Enterprise will aggregate information from all CyBot Pros for in-depth global insights on cyber threats to your business processes.

Harmony Purple Enterprise MSSP

Harmony Purple MSSP provides large managed security service providers with full control of their Enterprise customers, each with their various Harmony Purple Enterprise and Harmony Purple Pro accounts. Schedule their scans, get alerts to your SIEM and much more.

© Copyright GVX Consulting Global Ltd 2020