Keepnet Labs protects businesses through life cycle of email-based attacks. Only Keepnet, with patent pending technologies, covers all phases of email based cyber attacks in one platform which runs either on premise or in the cloud. It is a next-generation security platform that hosts a full spectrum suite of cyber security defence, threat monitoring, security management and user awareness products that encapsulate an integrated approach to people, processes and technology thus reducing the threat in all areas of email-borne attacks.
In our interview with Ozan Ucar, founder and the CEO of Keepnet Labs, we talked about the company history, their anti-phishing security solutions, and their newest patent-pending offering, Threat Sharing; a game changer in cyber security landscape.
Tell us a bit of your background. Who was Ozan Ucar before Keepnet Labs and how did the story of this company begin?
I have been working in cyber security since 2006 and being as eager to learn constantly and goal-oriented, I now hold many accreditations including Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Licensed Penetration Tester – LPT (Master). I wrote thousands of technical training materials myself. However it did not take long for me to realize that learning on your own is simply not enough to impact a change. Especially if you are after a significant one.
In 2008, I co-founded my first company after I developed a new generation firewall that detects and prevents network based attacks. Growing as fast as Keepnet Labs, only in two years we reached 600 customers. Then I was a managing partner at a cyber security consulting company working on many projects on finance, energy, telecommunication, and public institutions.
As a serial entrepreneur, I always liked being the lead position in the works I was involved in. Always focusing on saving time and energy, I developed permanent solutions to recurring problems. At the end of the day, since a phishing email is often the first phase of an attack; I always knew that protecting inboxes and raising cyber security awareness is the ultimate way to go to fight better with cyber crime. There were already leaders in the industry doing exactly this but something was missing. One day it all made sense.
Strengthening the cyber security posture in any type of business required multiple security solutions at once and on top of all, none of the other cyber security vendors provided integrated solutions for each phase of email-based attacks. This holistic approach of having the whole set of anti-phishing security solutions all on one platform made Keepnet Labs unique, giving us the idea for protecting businesses through the life cycle of email based attacks.
What do you mean by the life cycle of email based attacks? How does Keepnet Labs improve overall organizational security posture?
There are fixed phases of every single attack. The first step is planning it and it requires information on email addresses. Keepnet Threat Intelligence provides up-to-date compromised credentials gathered from dark web and deep web which can indicate whether your corporate email addresses have been compromised, enabling you to take remediatory actions.
Launching an attack is the 2nd phase of email based attacks and Keepnet Email Threat Simulator launches a real life attack like a hacker which serves like a mini pentest for email gap analysis. Simulating an attack by sending hundreds of malicious emails to a dedicated email address on your servers allows you to see how strong your current security tools and parameters are. When you do these tests regularly, and apply remediations each time accordingly, you can measure real improvements to your security posture over time.
3rd phase is the Compromise Phase when the attacker is able to reach the inbox, where we have to rely on user awareness then we should raise it by our Phishing Simulator and Awareness Educator. This is essentially a simulation to target your users with phishing scenarios. It will give you the information about the number of users that would click on an email, download the attachment or enter login credentials into a fake website.
We support that by providing the awareness educator platform that improves their cyber security awareness level using a suite of eLearning, animated videos and gamification. Essentially, if the compromise phase is reached, your security might be at stake. To greatly limit any potential damage, or prevent data loss, Keepnet Labs offers Incident Responder.
KL Incident Responder works like this: A user in your company receives a suspicious email. Via an email client such as Outlook Desktop, Mobile and Web, Google Workspace (Gsuite), Office365 add-on, with just one click, the user reports that email to the Keepnet Labs platform and Incident Responder automatically performs technical analysis to indicate whether it is actually malicious or not.
This action is completed using powerful third party integrations such as Sandbox, Antivirus, Malware Analysis VirusTotal in a minute or two and Keepnet sends these results to the user. Additionally, if the email is confirmed malicious, you have the option to automate the process to search all of the inboxes in your organisation and either warn the user or delete that email from every inbox.
You are also able to configure and integrate other services such as other Sandbox with Keepnet to increase the effectiveness of your security tools and centralise the process. With all these modules and features, Keepnet covers the entire life cycle of email-based attacks. Apologies for the long explanation. This is the shortest way I could explain in a simple way for everyone from different levels of technical knowledge.
That was quite thorough indeed. Thank you. I was wondering how you could catch up with the latest trends and topics to deliver the most up to date cybersecurity awareness training?
When you have Keepnet Labs Awareness Educator, then by default you have access to content prepared and owned by Keepnet Labs. You also have the option to upgrade your package and add content bundles from our third party awareness partners such as NINJIO, The Cybermaniacs and Bob’s Business.
This is another feature that makes our platform unique since it allows you to choose content that suits your company culture most. You can use Keepnet for years and change content type every year. Keepnet Awareness Educator LMS platform is also suitable to track compliance with IT and corporate policies. The end user receives training via email, so no login required.
According to our research, you founded the company only a few years ago and it became the industry leader in the local market with no outside investment. How come? This holistic approach can not be the only reason behind it…
I founded Keepnet Labs in the UK in November 2017. With the help of Cylon Lab‘s, I managed to reach some key people, decision makers and being selected as the most innovative cybersecurity company in the Technation’s Cyber program in 2019.
But surely it’s not that at all: Keepnet Labs offers solutions for various user profiles: End users in SME as direct customers is the first one.
Keepnet Labs renewal rate is more than 95% and it proves that our direct clients just don’t prefer to move onto another platform. Here we think the main reason is our comprehensive feature set covering many cyber security needs at once along with our effective support team. I feel lucky working with such an attentive team.
Plus, Keepnet Labs makes all the other security tools work better via integration with almost all industry-leading software. New APIs are developed as we speak.
We also have a big global distributor working with hundreds of resellers worldwide. Keepnet Labs is quite convenient and easy to adopt for managed service providers in cyber security.
What are Keepnet’s key differentiators for managed service providers? Why would they choose Keepnet Labs instead of others?
Well, let’s not say ‘instead’. Keepnet Labs is not a competitor to most of the security products in the market. It is actually complementary to them and it helps the company make better use of their security solutions. As I said before, there is no single platform out there that provides exactly what we provide.
Keepnet Labs also has some distinctive features that all managed service providers have been demanding all along with the capabilities I mentioned before.
Multi-tenant system: It is said that time is always of the essence in cyber security. On Keepnet, MSPs can have full visibility and manage multiple client/sub-reseller environments from a single point saving them tons of time.
They now cannot think of going back to the old way of doing things, performing the same tasks over and over again for different sub companies.
White-labelling: As our global partners did, MSPs can rebrand Keepnet using their own logo and name on the platform adding immense value to their brand name.
Keepnet Labs has reached one of it’s milestones – having 1 million users onboard- only in a few years thanks to our global partners that loved our platform and helped us promote it all around the world, especially in the US. We are proud to see that they were chosen no.1 on Gartner Peer Insights using Keepnet Labs as their core platform.
How will your recently added module Threat Sharing help organizations? You mentioned that it was patent pending? How does it work?
Keepnet Labs Threat Sharing provides organizations with the ability to share real-time email threats anonymously within trusted community groups. It actually takes what we do on incident responder and scales it up to a wider community. Here you can join public or private community groups to share malicious email samples with each other either anonymously or openly.
Working collectively against the attacker this way, all leveraging the eyes in the community, you can protect each other from cyber attacks by informing everyone in your community about new types of threats starting from day one. The recipient of the threat intelligence can then search their inboxes for the threat, even before any of their own users identify and report it, significantly reducing your risk of a major email security incident.
It’s quite cool actually. I am very proud and excited about it. It will make a great impact on the cyber security landscape as fighting zero day attacks is now easier than ever. As it requires a community of different companies, we offer it to managed security service providers as they deliver security solutions to hundreds of companies at once.
When they receive a threat intel from a company, they can search for it in all the other companies at once and delete it if it exists before the damage is done. If not, they can set related playbook rules to block it, for future reference. An amazing time and life saver. It is a great asset also for big organizations that provide threat intelligence to its members such as CSIRT and ISAO, enhancing their incident response capability.
We’d like to thank you for your time before the final question: The obvious one: What else would you like to add that we might have forgotten to ask?
Thank you indeed. It was a pleasure. I believe there will never be an end to cyber crime but we can become better fighters. That’s why we are committed to continuous innovation and expansion of our suite of security products in order to meet the needs of a constantly evolving cyber-threat environment.
For individuals, we have a Secure Human project at https://securehuman.keepnetlabs.com/ Feel free to dive in. For businesses, please feel free to reach out for a trial run. We’d love to hear your readers’ feedback! Thanks again.