Cloud Threat Intelligence
Skyhigh CSL researches activity across its extensive global user base to discover patterns of usage that compromise the security of corporate information. As an example, Skyhigh CSL pioneered an innovative approach to behavioral botnet detection by creating an algorithm that uses multi-dimensional probabilistic weighting to percolate domains that display characteristics of a Command & Control server. By using classical signal processing techniques Skyhigh can characterize abnormally programmatic behaviors, providing customers with detailed forensics to pinpoint and remediate exact systems that have been compromised.
Additionally, Skyhigh CSL developed capabilities to visualize outbound data flows to non-cloud service IPs and domains and analyzes the traffic by characteristics such as IP reputation and geography, enabling companies to identify outbound data flows and prevent data exfiltration. Further, Skyhigh CSL leverages a user base of 23 million users to create robust behavioral models to fingerprint each cloud service. Using these behavioral models in conjunction with additional threat intelligence feeds, Skyhigh detects abnormal activity with a high-degree of accuracy and proactively alerts customers to activities requiring attention. This enables Skyhigh to identify emerging malicious cloud activity – for example, those within encrypted traffic patterns, to proactively determine indications of the data theft using massively scaled data science and machine learning.
Cloud Service Intelligence
Skyhigh CSL researches cloud services to provide customers with a comprehensive view of the state of cloud services available in the global market and insight into the risks of each of these cloud services. In addition to continuously identifying and evaluating cloud services in real-time, Skyhigh CSL extends the depth of intelligence via integration with Darknet and other sources of cyber-risk intelligence while extending the breadth of risk visibility into the B2B partner ecosystem. In addition, Skyhigh CSL also audits over 20,000 cloud services when a major vulnerability, such as Heartbleed, VENOM, FREAK, POODLE, or BASH, is exposed, determines the security implications using advanced data mining and natural language processing, proactively informs customers of cloud service risks, and provides recommendations for remediation.
Cryptography Research and Development
Skyhigh CSL works with five leading cryptography academics from Cornell Tech, University of London, Georgia Tech, and University of California, San Diego, who form the Skyhigh Cryptography Advisory Board, to collaborate on cutting edge research and deploy cryptographic innovations for the cloud security market. In conjunction with the Cryptography Advisory Board, Skyhigh CSL has developed and brought to market several important advancements in cloud cryptography such as searchable symmetric encryption, order-preserving encryption, and format-preserving encryption.
Skyhigh Cloud Security Labs Public Research
January 20, 2016
Cloud Adoption & Risk in Europe Report Q1 2016 >
October 27, 2015
Cloud Adoption & Risk Report Global Q4 2015 >
June 25, 2015
Cloud Adoption & Risk in Healthcare Report Q2 2015 >
June 3, 2015
Cloud Adoption & Risk in Government Report Q1 2015 >
March 11, 2015
FREAK Update >
October 24, 2014
POODLE Update – Latest Data Alarms Experts >
October 23, 2014
In Plain Sight: How Hackers Exfiltrate Corporate Data Using Video >
October 15, 2014
POODLE – How bad is its bite? (Here’s the data) >
September 26, 2014
Was the Cloud ShellShocked? >
September 15, 2014
Dyre Straits: Millions of Cloud Users Vulnerable to New Trojan >
March 18, 2014
100,000 Tweets in One Day >