Connect with us

Hi, what are you looking for?


Malware & Threats

New Appliance Helps Protect Against Social Engineering Attacks

Fairfax, Virgina based Cyveillance today launched a solution designed to identify and protect against targeted social engineering attacks and prevent enterprise employees from exposing valuable intellectual property and sensitive information as a result of such attacks.

Fairfax, Virgina based Cyveillance today launched a solution designed to identify and protect against targeted social engineering attacks and prevent enterprise employees from exposing valuable intellectual property and sensitive information as a result of such attacks. Cyveillance says the appliance, the Cyveillance Social Engineering Protection Appliance (SEPA), goes beyond currently available signature and malware detection technologies to examine email content and context, analyze real-time interaction with embedded web-links, access cloud-based intelligence, and leverage the cyber-footprint of the enterprise to detect targeted attacks.

Defend against spear phishing, social engineeringTargeted social engineering and spear-phishing attacks have become the new vector of choice for attackers to gain entry to enterprise networks. It can happen to anyone. Even Intel’s CEO, Paul Otellini has been a victim of a spear phishing attack. At a Forrester security event in Boston last fall, Intel’s CISO Malcolm Harkins shared a story of how its top executive fell victim to a targeted attack. In this case, the attacker decided to use public information from a lawsuit that Intel was involved in at the time. The attacker crafted clever emails, appearing to be from Intel’s attorney, and sent along some malicious attachments which Otellini decided to click on. It was from a trusted source, right? Wrong. In the end no sigificant harm was done, but the attacker was successful in penetrating one of the largest tech companies in the world and getting its top executive to do his part in helping the attack be a success.

SEPA hopes to protect against these types of attacks. Once an email has passed through the traditional email gateway, SEPA inspects it, looking for indicators of social engineering attacks by examining the content and context of along with the methods and behavior of embedded Web page links to determine the trustworthiness of the email.

“The benefit of SEPA is that it allows organizations to put a new layer of security in place to protect against infiltration attempts before they even reach their intended target. This not only takes the erroneous click of an email out of the equation, it gives organizations the ability to gain insight into the types of attacks targeting their organization,” said Manoj Srivastava, Chief Technology Officer for Cyveillance.

Online criminals use highly targeted social engineering scams that leverage social media to acquire openly available personal information on their targets. When the desired target falls prey to the attack, the malicious actors then gain undetected access to the corporate network. Once inside, the criminals extract sensitive information, which poses potential damage to the enterprise, undermines customer confidence and causes irreparable damage to the brand and more. SEPA’s unique ability to rapidly detect and protect against these targeted social engineering attacks, ensures intellectual property, sensitive information and customer data remain safe, while helping organizations preserve revenue, business productivity and customer trust.

“As attackers shift from targeting weak systems to weak applications and people, Enterprises must invest in greater visibility and detection – better matching attacker methods and motives. The best adversaries have transcended reverse engineering and embraced social engineering,” said Josh Corman, Research Director for Enterprise Security at The 451 Group.

SEPA can be custom configured to each enterprise environment, and employs detection capabilities including:

Email Intent Analysis – Inspection of email content and context to help determine whether the intent of the sender is malicious.

Advertisement. Scroll to continue reading.

Web link Evaluation – Embedded web links are traversed and the destination web pages are evaluated for malicious behavior using heuristic and behavioral analysis.

Global Threat Intelligence – Real-time access to Cyveillance cyber intelligence on malicious web links distributing malware, hosting phishing attacks, command and control botnet servers, botnet drop sites, malicious IP addresses running rogue DNS servers and open proxies etc.

High Value Target Protection – Leverage cyberspace footprint – including social networks of individuals with access to critical assets or sensitive information – to protect against targeted social engineering attacks.

The solution is priced based on a one-time cost for the appliance, as well as an annual license for the global threat intelligence service, additional line item for standard maintenance and support, as well as a “per target per year” (essentially read per user) fee. Other professional services are offered as well.

More information on the Cyveillance Social Engineering Protection Appliance™ is available here.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...