Kevin Prince, Founder and CEO
As the world continues to combat the global COVID-19 pandemic relentlessly, tech giants are ringing alarm bells over the growing threat from cybercriminals. The current work-from-home setup has exposed enterprises to ransomware attacks, opportunistic phishing threats, and other malicious activities. Moreover, cybercriminals are finding new ways to exploit people’s thirst for information as a vector for attack. By using COVID-19 themed e-mails, the attackers are luring individuals to click malicious links. “People, at present, are doing things different from their normal protocol, and are vulnerable. This trend is driving a greater need for enterprises to invest in cybersecurity in a new and different way,” begins Kevin Prince, founder and CEO of StratoZen.

Headquartered in Salt Lake City, Utah, StratoZen helps solve the modern cybersecurity challenges faced by service providers and enterprises. The company provides solutions pertaining to SIEM-as-a-Service, SOC-as-a-Service, and Proactive Defense. With these solutions, it bridges the gap between traditional in-house cybersecurity and legacy outsourced MSSP (managed security service provider) options. As a cloud-based platform, StratoZen makes cybersecurity compliance more accessible, affordable, and flexible for enterprises.
“Although SIEM is the foundational component for any enterprise to create a cybersecurity solution and compliance offering, it is only half of the formula—and StratoZen’s platform was built on this premise,” says Prince. To have an effective cybersecurity system in place, enterprises also need experts who can analyze, interpret, and conduct forensics and threat hunting on data within that system. StratoZen’s unique SIEM and SOC solutions essentially unburden enterprises from the cybersecurity compliance issues that are time-consuming and resource-intensive.
Another area where StratoZen comes in handy is in addressing the issue of labor shortage. Enterprises find it difficult to manage and monitor a particular cybersecurity system because of the lack of trained experts. While most enterprises regard partnering with MSSPs as an ideal solution to address the issue, they often end up hiring the wrong MSSP, one that may not have the same level of expertise as the enterprise itself. As an industry leader in cybersecurity, StratoZen not only manages the security systems of enterprises through its unique platform but also has in-depth knowledge of the regulatory compliance requirements.
From the execution standpoint, StratoZen securely gathers critical data from the security logs of an enterprise's routers, firewalls, servers, Active Directory, and other critical devices on its network into the platform.
This is done by a virtual machine, which, after collecting data from the logs, encrypts and compresses it before sending it to the platform. The device-agnostic feature of the platform enables it to accept log data from any device in the client’s network. Subsequently, the team cross-correlates and analyses the data and applies custom rules to all of the events and alerts that are coming through.
“In the next layer, we enrich the data through geolocation, context, and configuration to know details like what type of system is being targeted? What operating system it is running? What vulnerabilities does it have? And more,” says Prince. “We have a network of worldwide sensors that collect real-life attack data all the time. We feed that data into the SIEM to see if any of those sources are present in the client environment.” In the last step, the data goes to StratoZen’s SOC for analysis and escalation. In case there is a breach, StratoZen sends a notification to the client, which could be direct guidance on how to respond to the issue or an automated response.
The platform also provides clients with a risk analysis portal that helps them identify which areas or devices of the network are the riskiest. Following this, full reporting, both in terms of detailed operation and compliance, is made available to clients.
StratoZen provides its solutions in two crucial ways. In the first instance, the company enables other service providers to deliver all its offerings to their customers. The company has over a hundred different managed service providers (MSPs) in the US that use and rebrand its services. In the second instance, StratoZen directly engages with large enterprises to offer the same services at that level.
What’s more, StratoZen offers a daily cybersecurity review to clients, which is a continuous check of all the cybersecurity events. The offering is very cost-effective as it analyses alerts in near real-time. Additionally, the company has also implemented some security orchestration and automated response (SOAR) capabilities such as automated blocking of an attack and blacklisting/stopping a service on a server. Besides, with the proactive defense solution, StratoZen keeps track of live attackers in its custom-built SWAT (StratoZen Worldwide Active Threat) feed and blocks them on the network. Currently, the company is working on a SIEM-agnostic mechanism that enables enterprises to use StratoZen’s services, regardless of the SIEM they have.
Founded in 2014, StratoZen has expanded its client base consistently over the years. “In 2020, we are adding one new company every day to our platform,” extols Prince. Moving forward, the company intends to enhance its SOAR capabilities and continuously improve upon its near-zero false-positive rates. StratoZen also plans to monitor threats cost-effectively and improve the proactive defense solution.