Cyber threats become increasingly more challenging to understand and to protect from because attack tactics, techniques and procedures evolve quickly. As a result, established cyberdefence technologies and methods become rapidly obsolete.

Startups often have novel and disruptive ideas and can provide technologies that can offer a technological advantage over attackers. Therefore, it is essential to identify and deploy such technologies as early as possible, even if the technology is not yet fully mature.

The Cyber Startup Challenge 2020 was organized by the Cyber-Defence Campus at armasuisse Science and Technology in the form of a market exploration where young companies could propose their technologies for Cyber Threat Intelligence. The goal was to find innovative and new solutions for the Swiss Armed Forces and quickly test them in a real environment.

This first edition of the challenge attracted 22 startups. Twelve applications were received from Switzerland, seven from Europe, and three from the USA, offering a broad spectrum of innovative technologies. The jury selected the following three finalists:

CounterCraft

Countercraft was awarded on November 3^rd at the CYD Campus Conference as the winner and will get the opportunity to demonstrate its technology in the Swiss Armed Forces in 2021. CounterCraft, a deception-based threat intelligence pioneer, provides full-spectrum cyber deception to detect attackers, collect data and manage targeted attacks. CounterCraft’s solution combines campaign automation with controlled, highly credible synthetic environments to allow attackers to penetrate organizations without doing real damage, unknowingly providing contextualized, timely threat intelligence. The multi-campaign, multi-tenant platform allows users to craft bespoke, automated deception campaigns on anything from internal servers to external cloud-based infrastructure, allowing any business to tune its defenses to the current threat landscape. In addition to threat detection and response, CounterCraft also provides Threat Intelligence Services to deflect attacks away from the production infrastructure of the organization, detect pre-breach activity, and mitigate the risk of spear phishing and ransomware attacks. CounterCraft is recognized for its radical contribution to the deception technology market and operates in more than 20 Fortune 500 Index companies globally, including financial institutions, governments, retailers, and law enforcement agencies.

For more information, please visit www.countercraftsec.com.

Exeon

ExeonTrace is an alarm system for a network. Machine learning algorithms analyze IT log data to detect cyber intruders such as ransomware, advanced persistent threats (APT) or malicious insiders. Visualizations further enable a deep understanding of the network’s data flows.

ExeonTrace's software is very easy and non-intrusive to set up since they rely on their customers' existing hardware as network sensors (NetFlow, DNS data, secure web gateway, and any application and system logs). This sensorless approach makes it a future-proof solution, because sensors struggle with the increasing network bandwidths and the trend to encrypt network traffic renders them «blind». Further, ExeonTrace can run completely offline in the user's data centers, making it ideal for very sensitive networks. Exeon showed in various setups that their algorithms can successfully reduce the detection time from 200 days to one day, allowing to react before major damage happens.

For more information, please visit https://exeon.com.

Moabi

Moabi provides a software-as-a-service (SAAS) platform for the automated audit of software for industrial corporations who want to ensure their level of security before the operational launch of their new projects in IoT, 5G, connected vehicles, Cloud… Moabi improves their security posture, by pushing their internal and external software suppliers to implement remediation and quick fixes.
As it leverages security standards and best practices, along with the detection and identification of known vulnerabilities and 0Days, Moabi automates the analysis and rapid testing of thousands of software programs, without the need to access the source code.
Moabi's platform measures the defense surface of those software to comprehensively assess their cyber strengths and weaknesses. Moabi then presents a coherent and objective framework, with priority action plans to advance the inherent security of software in their design, development, integration, deployment and operational phases.

For more information, please visit: https://moabi.com