Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

Zero Trust Provider Mesh Security Emerges From Stealth Mode

Israeli cybersecurity startup Mesh Security today emerged from stealth mode with a zero trust posture management (ZTPM) solution that helps organizations implement a zero trust architecture in the cloud.

Israeli cybersecurity startup Mesh Security today emerged from stealth mode with a zero trust posture management (ZTPM) solution that helps organizations implement a zero trust architecture in the cloud.

Founded in February 2022, the Tel Aviv-based company claims it can provide real-time visibility, control, and protection across all enterprise assets, regardless of where they are located.

The expansion of XaaS (Anything/Everything-as-a-Service) has created a broad attack surface that organizations may find difficult to protect.

Mesh believes that the adoption of a zero trust architecture helps mitigate these evolving risks, and has built a platform that organizations can use to implement a unified zero trust architecture on top of existing stacks.

The company claims that its ZTPM SaaS platform can map an organization’s entire cloud XaaS estate in minutes, to deliver complete visibility into its current zero trust posture.

Mesh also designed its platform to monitor for anomalous behavior, prioritize critical risks and sensitive assets, and help organizations automate remediation to improve security and ensure compliance.

Also today, Mesh warned of a MFA bypass and impersonation risk impacting over 100 vendors. Referred to as ‘Cookeys’, the problem exists because improper session cookie validation allows attackers to access mission-critical resources remotely.

“Among the [impacted organizations] are several leading Zero Trust vendors that surprisingly do not follow the first fundamental principle of Zero Trust: every system should explicitly verify every digital interaction,” Mesh says.

Advertisement. Scroll to continue reading.

One of the identified issues was that stolen session cookies could be used to log into various resources and take over accounts. An attacker could use these stolen cookies even to bypass active MFA mechanisms.

“Cookie reuse without proper validation results in an adversary that can impersonate another user to perform business functions on their behalf. This threat can lead to internal phishing, fraud, data theft, and ransomware,” Mesh notes.

Cookeys, the company notes, can also be exploited for lateral movement, where adversaries use legitimate and verified identities to perform nefarious operations, such as accessing restricted business resources.

With access to a SaaS application account, the attacker could stealthily eavesdrop on data in transit, performing espionage, sabotage, or even data theft, Mesh notes. Furthermore, the attacker could gain access to a variety of XaaS resources and data, even to the organization’s most sensitive assets.

One of the organizations impacted by these risks, Mesh says, is Okta. When informed of the vulnerability, Okta said that it relies on browser and operating system protections to prevent cookie stealing and malicious plugin attacks.

“If an attacker were to have a foothold on your endpoint that allowed them access to user cookies, they would typically already have the ability to deploy malware or other methods to compromise the downstream applications,” Okta said.

Related: Privya Emerges From Stealth With Data Privacy Code Scanning Platform

Related: Data Security Firm Sotero Raises $8 Million in Seed Funding

Related: Edge Management and Orchestration Firm Zededa Raises $26 Million

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.