RevBits recognized as a Top Cybersecurity Solution Provider in 2021 by CIO Applications
RevBits Offering a Refreshed Look at Cybersecurity Software and Service
Established in 2018, RevBits is a comprehensive cybersecurity company that provides clients with superior protection and service. The company delivers protection against the most sophisticated cyber threats by offering four advanced security tools composed of ten different modules. Technological developments continue at RevBits with the new offering of an integrated platform to manage and control all four solutions in one single sign-on dashboard, RevBits Cyber Intelligence Platform and the coming offering of RevBits ZTN (Zero Trust Networking).
Below is the conversation that CIO Applications had with Mucteba Celik, the founder and CTO of RevBits.
How did you recognize the need for a refreshed look at cybersecurity software?
Having worked in various cybersecurity roles with companies such as BNP Paribas and Protiviti and private consulting work, I had the opportunity to see how different cybersecurity products worked. Most importantly, my prior experience allowed me to see the weakness and gaps that existed not only in individual products but also in solution classes such as endpoint security. When I set out to build the RevBits product suite, my top priorities beyond product effectiveness were to reduce vendor load and eliminate tiered products. For example, when I designed RevBits Endpoint Security , I wanted to ensure that the solution would not fail in detecting a malicious executable under any scenario. To accomplish this goal, I designed the product to conduct a three-phased analysis on all new executables: signature analysis, machine learning, and behavioral analysis.
Additionally, within our behavioral analysis engine, we designed some unique capabilities that practically ensure a 100 percent detection rate. To provide both vendor reduction and eliminate the tiered product effect, RevBits Endpoint Security delivers all modules immediately upon purchase. Administrators have access to the most robust detection capability in an endpoint product. This equips administrators with an advanced exploit detection engine and the most thorough EDR module on the market, which is actionable through a complete GUI interface or fully actionable through a command-line prompt.
As a customer, there is no need to upgrade the product to receive higher-level product modules; from purchase, all the product benefits are immediately available.
In your interactions with CIOs of leading companies, what are the challenges they face now in the Cyber Security space, and how is RevBits effectively addressing these issues?
When discussing our solutions, the common theme we hear is that the current cybersecurity environment where administrators work has multiple gaps that are being exploited by malicious actors. These gaps do not necessarily mean that other solutions are ineffective; it means that the actor is growing in sophistication to overcome the security arrayed against them. For example, email security is one of the oldest cybersecurity protections an organization can deploy and is in some respects the most significant; however, year after year, research shows that malicious emails remain the primary vector for incidents and breaches. The traditional Secure Email Gateway remains tried-and-true email security, which organizations have added to by supplementing email security with a cloud-based email security analysis solution. Nevertheless, malicious emails are bypassing these solutions and landing in employee inboxes. Studies indicate a bypass or miss-rate of more than 20 percent for sophisticated phishing emails that escape detection by current solutions.
The email security architecture deployed by organizations has a security gap, which is the unprotected employee inbox. Once a sophisticated phishing email bypasses deployed email security solutions and lands in the employee inbox, an organization can only rely on the employee to detect the malicious email and hope they do not click on links or attachments. We developed RevBits Email Security to protect the exposed employee inbox by creating a dedicated email security solution that protects the inbox and defends against malicious emails that have bypassed other email security products in the network.
To further understand the need to cover this gap, consider the reason for the high escape rate for malicious emails that land in the employee inbox. All other email security solutions are conducting analysis on a mass volume of emails coming into the solution. The problem with this design and the exploitable vulnerability of these solutions is "time" based. All mass email analysis solutions need to analyze each email quickly to avoid latency and ensure prompt delivery to the inbox. Malicious actors understand the time element in email analysis and exploit it by developing sophisticated phishing emails capable of bypassing email security solutions. When an escaped malicious email lands in the user inbox, the organization relies on the employee to determine if the email is malicious, report the email, and not click on a link or open an attachment.
With RevBits Email Security, each workstation becomes an analysis engine, and it is only concerned with a single employee inbox. The analysis can take the time necessary to detect the most sophisticated malicious emails and block them from a user's actions.
Adding RevBits Email Security to the existing email security stack, an organization's email system is fully protected.
What are the factors that keep RevBits a notch above the rest?
Although it may sound unusual to say, RevBits does not strive to be the top cybersecurity firm . However, we do try to be our customers' top cybersecurity vendor. We recognize that there are many market choices, and we feel our best market position is to be the most reliable and comprehensive vendor for our customers.
We seek input from our customers on their specific needs and do all that is possible to adjust and add to our products to meet their needs and requirements. We understand that the threat landscape is continually changing, and malicious actors are constantly adjusting their TTPs, and therefore, RevBits must also be willing and capable of adapting. We believe our competitive advantage, beyond our current full suite of solutions, is our ability to improve our products continually. Our large development team allows us to go from idea to reality quickly.
What does the future hold for RevBits?
We solve complex problems, and building a Cyber Intelligence Platform (CIP), the fully integrated solution platform, is one of the toughest problems yet to be solved in the cybersecurity marketplace. CIP is every CISO's dream—a full set of best-in-class cybersecurity modules integrated into one complete platform.
We are currently interviewing for key sales and marketing positions to help with the post-launch success since entering the market. We feel our future is extremely bright as we continue to innovate within the current products and with new offerings.
In terms of product expansion, we continue to develop and enhance our current products and look to new tools to bring into the list of offerings. For example, we are completing various features to RevBits CIP. It will offer administrators a single sign-on capability to all our products. Additionally, all products will feed intelligence and alert notifications through the unified dashboard environment, which will allow for immediate launch to either the product sending the alert or to the impacted endpoint. Our goal with CIP is to provide our customers with an integrated platform to manage their security solutions and enhance their reaction speed to threats and allow for easy threat mitigation.
It’s a common misconception that the only threats to an enterprise’s security come from external actors. Whether intentional or not, 47% of organizational data breaches are the result of internal human error, such as a misplaced device or document. Moreover, some employees present an even larger risk than others. According to recent reports, younger employees are more likely to bypass security protocols that are viewed as an impediment to their productivity. When it comes to onboarding new employees, young or old, enterprises must have proper security awareness & anti-phishing training, in addition to a strong privileged access management solution, to guard against the different types of human error that could create security vulnerabilities.
Although email phishing has taken many forms throughout the years, the most common type of email scam is also the oldest. Since 2003, black-hat hackers have created domain names and web pages that look virtually identical to actual websites and have linked these copycat sites to vulnerable users via emails. It is increasingly difficult to tell the difference between a real web page and a fake one, especially for companies without sophisticated anti-phishing tools. For all companies, it's important to have the best anti-phishing solutions in place to ensure all data is protected and downtime is avoided.
Have you ever received an email that looks totally legitimate, links to a website that looks real, and asks for personal information? It is becoming harder and harder to know who and what can be trusted. Phishing is the practice of trying to get an unsuspecting email user to engage with an email in some way (opening, clicking, downloading an attachment, sending money, etc.).