CYFIRMA: Bringing Threat Visibility and Predictive Intelligence into Cybersecurity

Kumar Ritesh, Chairman and CEO, CYFIRMAKumar Ritesh, Chairman and CEO
Historians credit Greece’s victory in the Trojan War to the Greek Army’s intelligent tactic to use the Trojan Horse. The unbreachable walls of Troy would not have fallen if the Trojans stationed at the gates had inspected the horse before letting it into the city. Today, in a similar case, cybersecurity solutions fail to protect enterprise networks not because of the integrity of their firewalls and other security controls, but due to the lack of proper intelligence and timely threat visibility. This challenge is resulting in the demand for smarter solutions that can monitor, detect, and prevent incoming cyber attacks. Singapore/Tokyo based CYFIRMA offers AI and machine learning-powered cybersecurity solutions that deliver accurate, predictive cyber intelligence across all aspects of an organization to ensure unparalleled protection. “CYFIRMA’s contextual intelligence technology predicts and simulate cyberattacks and breaches before they happens, enhancing an enterprises’ ability to proactively identify the threats and address the risks in their cybersecurity posture better safeguarding corporate data and reputation,” says Kumar Ritesh, chairman and CEO of CYFIRMA.

The core challenge in today’s cyberspace is an organization’s reactive approach toward cybersecurity. Ritesh, with his extensive expertise of working in the cybersecurity realm, believes that organizations have to assess their cybersecurity posture from an external viewpoint in order to tackle the current and future threats that the ever-evolving cybercriminals pose. “CYFIRMA offers their clients with a hacker’s point-of-view and informs organizations on the vulnerabilities in their system, and the motivations and maturity level of a hacker group, to aid enterprises in understanding the type of potential attacks that could be targeted at them,” adds Ritesh.

The company offers two types of solution for organizations with not very mature and mature cybersecurity posture. 1) 360°cyber services tailored daily and weekly intelligence reports for not very mature cybersecurity organization, and 2) For mature cybersecurity organizations, they offer cloud-based AI-powered Cyber threat visibility and intelligence (CAP) product, which organizations can use to perform threat hunting, correlation and attribution. The 360° services have a subscription model where clients receive daily and weekly intelligence reports offering detailed insights into who the hackers are, why they are interested in an organization, their background, what are they interested in, their motivation, how ready they are to launch an attack and how they can potentially attack. Additionally, the company’s intelligence-driven brand and executive monitoring, cyber risk scoring, cyber vulnerability analytics, and cyber education solutions provide a more focused product portfolio for clients to utilize in order to strengthen the security of their brand, asset, networks and more importantly people.

CYFIRMA’s contextual intelligence technology predicts and simulate cyberattacks and breaches before they happens, enhancing an enterprises' ability to proactively identify the threats and address the risks in their cybersecurity posture better safeguarding corporate data and reputation

CYFIRMA delivers unmatched predictive cyber threat visibility and intelligence through their cloud-based platform by employing the most advanced and cutting-edge AI and ML technology using data mining and analytics techniques to help proactively identify, quantify and prioritize potential cybersecurity threats. CAP collects threat data from thousands of different and discrete sources that include open source, closed source, government intelligence, CERT, ISAC, CIRT, commercial forum, social platforms, news forums and peer to peer channel. The unique value proposition of their technology offering is the ability to embed itself into Dark Web channels that are typically used by hackers to communicate with each other and plan an attack. CYFIRMA’s technology silently monitors conversations over a hundred forums without interacting with the perpetrators to avoid detection. Subsequently, when the solution detects the name of a client in a discussion, it starts to capture conversation-level information and brings it into CYFIRMA’s Cyber Intelligence Analytics Platform (CAP). CAP applies five layers of AI and ML engines to filter the data and structure the information to aid organizations in understanding the profile of hackers, their reason for breaching a client business, and assesses the perpetrators’ arsenal of potential attack methodologies to predict the timeline for a potential attack.

The company delivers the information gathered from the CAP analysis to the customer in three different segments— Strategic Intelligence, Management Intelligence, and Tactical Cyber Intelligence. The Strategic Intelligence segment informs clients about the “whos” and “whys” of a potential cyber attack and helps businesses gain an understanding of the vulnerabilities in their cybersecurity to ensure effective protection. With Management Intelligence, enterprises gain an idea on how to integrate CYFIRMA’s insights into their system and make the necessary changes: policy revisions, incorporation of newer cyber threats into the current incident response processes, and more. Finally, the Tactical Intelligence supports customers in the day-to-day detection of active threats to improve their cyber posture.

In the coming years, the traditional approach of deploying data security such as building stronger firewalls will put businesses at risk because hackers and perpetrators will continue to find newer and more innovative ways to break into an enterprise network. CYFIRMA, with their predictive threat visibility, is spreading awareness of the need for cyber intelligence and helping organizations cope with the increasing threat of cyber attacks. “Cyber intelligence will become the center of cybersecurity to ensure effective protection of enterprise networks in the future of cyberspace,” concludes Ritesh.
Share this Article:


Tokyo, Singapore

Kumar Ritesh, Chairman and CEO

Offers threat visibility and intelligence products and services for effective cybersecurity


CYFIRMA's Cyber Intelligence Analytics Platform (CAP) v2.0 to Help Detect Cyberattacks

CYFIRMA has launched Cyber Intelligence Analytics Platform (CAP) v2.0, which provides predictive cyber threat intelligence.

FREMONT, CA: CYFIRMA, a predictive cyber threat visibility and intelligence firm, has come out with a cloud-based Cyber Intelligence Analytics Platform (CAP) v2.0. CYFIRMA uses artificial intelligence (AI) and machine learning (ML) algorithms to help its clients resolve cyber threats and risks, and allow for effective cyber posture management.
Read More

CYFIRMA helps businesses fight cybercrime with predictive insights and cyber-intelligence

Mr Kumar Ritesh, Founder and CEO

Singapore/Tokyo/India – CYFIRMA, a threat discovery and cyber-intelligence analytics company, today introduced DeCYFIR, a cloud-based, AI-powered cybersecurity platform. DeCYFIR is designed to empower businesses with the ability to discover threats from the deepest trenches in cyberspace, decode signals from noise to gain useful insights, and apply remedial actions against cyber criminals before an actual attack occurs.

The COVID-19 pandemic has increased the world’s digital dependency, and along with it, increased businesses’ vulnerability to cyberattacks. Massive data fraud and theft as well as cyberattacks have been ranked amongst the top five risks globally in the next 10 years in terms of likelihood, according to the Global Risks Report 2019 published by the World Economic Forum.

Kumar Ritesh, Founder and CEO of CYFIRMA said: “The global pandemic, trade wars and geo-political tensions that have brought great uncertainty to the economy have also become a catalyst triggering transformation in the ways we manage and operate technology. They have accelerated digitalization and brought about the inevitable rise in intensity and sophistication of cyberthreats. Remote working has resulted in new attack vectors, integration of business applications with third-party systems can create new vulnerabilities, and employees unaccustomed and untrained in cybersecurity practices can heighten digital risk. Leaders with an effective defense strategy would know the threats that are coming towards them. I’m excited to introduce our enhanced threat discovery and cyber-intelligence platform, DeCYFIR, to businesses as we know cyber-intelligence is the new currency that will power growth and allow businesses to thrive in the post-pandemic digital economy.”

Predictive, Contextual, Comprehensive

With the DeCYFIR platform, businesses identify potential threats at the early planning stage of cyberattacks. The platform picks up threat indicators as observed in deep/dark web, hackers’ forums, and other closed communities including our own research, and predicts upcoming attacks based on a set of probability mathematical models and analytical engines.

DeCYFIR provides quality intelligence to businesses with information with industry, geography and technology specific information. The platform has the unique capabilities to connect the dots between hackers, exploit campaigns, motivations, methods, and attack readiness. All these combined, offers businesses complete contextual visibility of their threat landscape.

DeCYFIR redefines quality cyber-intelligence in its unique ability to provide all three layers of insights (strategic, management and tactical). When the insights are harnessed in totality, business leaders can make accurate decisions and direct scarce cybersecurity resources to mitigate risks according to threat severity.

With DECYFIR, cyber threats and signals are automatically discovered and decoded. These insights are provided in real-time so that security teams are always kept a step head of their cyber adversaries.

DeCYFIR’s Key Modules

DeCYFIR consists of several modules, each designed to help businesses strengthen their cybersecurity postures and be better equipped to handle the risks of digitalization:

• Threat Visibility and Intelligence (TVI)

TVI provides a comprehensive multi-dimensional strategic, management and tactical intelligence and cyber insights. This module answers WHO, WHY, WHAT, WHEN and HOW of looming cyber threats, and provide recommendations for remedial actions. With TVI, businesses can predict a potential cyberattack and prevent financial and reputational damage.

• Cyber Situational Awareness (CSA)

Real-time cyber insights, trends, cyber news, technology, regulatory & law, policy changes, emerging cyber-attacks, vulnerabilities, and exploits – all tailored to ensure relevance to a business’ geography, industry, and technology. When equipped with comprehensive and relevant risk telemetry, executives can make business and investment decisions accurately.

• Cyber Incident Analytics (CIA)

Enable businesses to comprehensively respond to security incidents with not only tactical information but also strategic-level insights by mapping associated campaign, hacker's affiliation, motive, and mechanism. By taking an intelligence-based approach to managing cyber incidents, businesses can prevent the occurrence of similar cyberattacks.

Additionally, the enhanced version of DeCYFIR includes the following key features:

• Risk Dossier

A threat playbook that provides complete contextual and correlated details of threats discovered by DeCYFIR. This provides businesses with the ability to attribute different elements of threats, gain a holistic view and decide on the remediation actions required.

• Threat Search Engine

A dedicated search engine that enables businesses to search the dark, deep and surface web, P2P channels, bin sites and other data sources to retrieve information related to specific cyber events, attacks, incidents, malware, vulnerabilities, campaign, and threat actors. The powerful search engine also correlates the findings, decipher the signals, and connects the dots to give security professionals timely visibility to evolving threats and risks at their fingertips.

• Complete Threat Landscape View

A single pane of glass that offer business leaders and security teams a view into their business’ external threat landscape. The unified view of threats and risks, when assessed holistically, provide the full perspective of the organization’s overall cyber posture.

• Threat View

Threat view provides cyber security teams insights into digital risk, vulnerabilities, cyberattacks, hackers’ interest, Early Warning/Out of Band, malware, phishing, and indicators of compromise (IoCs) with proprietary risk score to gauge the impending cyber threats and risks.

• Risk View

Risk view enables business leaders to understand how their businesses have been trending vis- -vis others in the industry and charting their external threat landscape against different verticals of cyber posture management. Analysis of external risk that impacts their businesses with data tailored specific to their environment. Insights are relevant and timely with the ability to predict impending attacks.

• Risk Score and Hackability Score

Risk Score and Hackability Score are calculated using proprietary algorithms and mathematical models. With Risk Score, businesses gain a vantage view of their external threat landscape and understand how they stack up against their industry peers. Hackability Score serves as an indicator on how hackable businesses are and their level of attractiveness as a potential target.

CYFIRMA, which is recently listed in Gartner Market Guide for Security Threat Intelligence Products and Services 2020, works with many major businesses including the likes of Digital Hearts, and other conglomerates in the high-tech manufacturing, media, financial services, consumer goods, retail and F&B industries to unravel cyber risks and threats.

Jun Watahiki, Head of Security Operations Centre at Digital Hearts, commented: “At Digital Hearts, we operate a state-of-the-art Managed Security Services (MSS) platform for customers across many industries. Clients rely on us to keep their data and assets safe and secure. We have been collaborating with CYFIRMA for the past one year to integrate their threat intelligence and indicators of compromise (IoCs) into our platform. The threat intelligence provided by CYFIRMA is distinctly different from the variety available in the market – the ability to correlate threat indicators with threat actors is a powerful feature.”

“Combined with our managed security offerings, CYFIRMA has contributed to helping our clients strengthen their security controls, and mitigate risks associated with malware and other cyberattacks. We chose CYFIRMA’s threat visibility and intelligence product because we want our clients to have the advantage of quality cyber intelligence. The partnership with CYFIRMA enables us to deliver our more unique offerings to the Japan market,” added Watahiki.

As digital landscape expands and hackers and state-sponsored groups extend their cyber warfare into businesses and homes, reining in cyber threats and risk requires a mindset shift towards an intelligence-based predictive approach. The DeCYFIR platform is designed to decode threats and uncover hidden signals in the hyper-connected world.