The role retailers should play in driving IoT security certification standards

"One of the biggest risks to IoT is that there are currently no security standards for the hundreds of new IoT devices that flood the market each year. For e-commerce, we rely on SSL to consistently secure our devices. For computers and other devices in the enterprise, communication between machines and with servers is protected via the standard TCP/IP framework. IoT devices, however, are largely left unsecured, with most products being produced in China with little regulation. Worse, end users are often completely unaware of all the sensors IoT devices include and the ramifications they may have for privacy, such as a smart lightbulb that also records video and audio by default, for example."


Read more here.

Let's free our analysts

There is no disputing it: The way we manage cyber security is broken. Today most organizations see hundreds if not thousands of cyber attacks daily, and sending each of these attacks to a human analyst for investigation is no longer scalable.

Our belief is that to stay effective, the Security Operations Center (SOC) will need to go through the same revolution the auto industry did when it moved many manual manufacturing tasks to robots. JASK believes human analysts will always be the most effective defense against complex cyber attacks, but not if they are stuck in constant alert triage (the digital equivalent of hand-painting cars on an assembly line).

JASK's goal is to re-imagine Security Operations by hiring the best computer scientists, math experts and machine learning gurus to develop the technology that will enable our best SOC analysts around the globe to work together, training machines to automate discovering, responding to and even learning about tomorrow's cyber threats, so we can free our SOC analysts to do the work that really matters most: protecting our organizations' information!

We have finally reached the perfect storm of technology, policy and opportunity to completely re-factor Security Operations with the major advances in open source big data and AI software and general adoption of cloud native services throughout the enterprise.

Our bet is that now is the right time for this disruption, and JASK is fully committed to working with you to solve this problem. Our newly released Trident platform is already defending dozens of large organizations globally and can start learning and automating work for your analysts today!

Let's free our analysts.


Co-Founder and CEO


Greg Martin: Security operations is broken, and AI can fix it

"To uncover how to improve security, we must first consider that the way we perform security operations is broken. Security operations teams — often part of a centralized security operations center — are responsible for defending a given organization from the latest emerging threats. Teams of analysts monitor intelligence sources, including the news, social media, vendor intelligence partners and the FBI’s publicly available guidance, for information about potential new cyberattacks that might target their organization. We have supported our humans thus far with a complex deployment of layered cybersecurity defenses. This approach has proven to be fairly unsuccessful.

One way security operations teams can improve their ability to identify and combat threats is by improving the speed with which they process and react to those threats. Introducing speed into today’s security environment requires artificial intelligence (AI)..."

Read the full text of Greg's recent guest article on TechTarget's IOT Agenda:

Security operations is broken, and AI can fix it  (July 27, 2017)

The Modern SOC Runs on Slack


The modern SOC runs on Slack!

I was first introduced to the concept of using modern web collaboration apps like Slack or Hipchat for Security Operations by another great security startup: Area1 Security. They were piping security events into Slack automatically and using SlackBots to help with analysis. At JASK we have also embraced this model: our product now fully supports Slack, and we actively encourage its usage as a primary communications channel for security teams working remotely or even within the same SOC ops room. The ability to easily add custom integrations, collaborate, and automate enrichment with other tools via the simple plugins and slackbots truly makes this an ideal platform for collaboration around cyber security incidents! The team at JASK thinks that Slack is the future of Security Operations and is a great candidate to be the new “Single pane of glass”. Are you currently using a collaboration tool like Slack to power your SOC? We want to know and hear about the tips and tricks you have developed for your team. Get in touch with us on Twitter @jasklabs or with the author directly @gregcmartin.

Greg is the Co-Founder and CEO of JASK and has a long and storied history fighting bad guys on the internet. JASK (based in Silicon Valley) is the leader in AI for Cyber Security.


Cyber Weapon Proliferation


Government-grade cyber weapons with dramatic real-world consequences, like STUXNET, not only exist but have long been feared by experts due to their ability to be acquired and repurposed by others. For example, a terrorist organization like ISIS, wielding a tool like STUXNET, could aim it at Western power grids or nuclear plants.

While STUXNET did actually leak unintentionally to the public through a bug in the propagation code and some misguided upload tests to services like VirusTotal, its risk was mitigated by the fact that the source code did not leak. Even in this circumstance the leaked weapon posed a real threat, as it was quickly reverse engineered and new concepts were taken from it, but it was still very difficult to repurpose or "weaponize" the tool to attack others. Fortunately, STUXNET was designed for one very specific purpose, and thus its usage elsewhere was largely minimized. On the other hand, if the source code of a sophisticated cyber weapon ever leaked out to the public, it could allow any group, including a terrorist one, to quickly weaponize and use it at will, significantly raising the stakes to alarming levels.

The leaked source code scenario described above would be a security risk to all, and unfortunately, as of last week’s Shadow Brokers event leaking an NSA hacking toolset, this potential “doomsday” event is now a reality. For the first time ever, a government-grade (multi-million dollar) cyber weapon has leaked in source code form to the general public, giving dangerous groups control of said weapon...

What has been the fallout since some of the tools have leaked? What are the serious concerns of the leak? What shouldn’t we be concerned about related to the specific leak? Is this the cyber doomsday scenario experts have worried about?

The simple answer is: No.

Let me break down the “Why” for readers including what happened:

Last week a group calling itself The Shadow Brokers offered a leaked cache of files most professionals confirmed to be authentic source code of NSA Cyber Weapons.  Here is a no-nonsense evaluation of the leak and its potential risks:


The good news:

  • The leaked data is approximately 3 years old, which in cyber security terms is ancient, as vulnerabilities are monitored closely and software updates make older hacking tools less effective.
  • The tools are not destructive in nature; they are instead designed to give stealthy access to networks and are thus incapable of causing physical damage.
  • The majority of the tools are purportedly still unavailable to the public.


The bad news:

  • Despite the age, at least 3 of the released tools are confirmed to still work and are hard to fix (they affect old versions of products that are widely used and hard to update and maintain).
  • The tools give “God”-like access to many very popular routers and firewall devices, giving whoever uses them full control of the network.
  • The tools could be turned into a destructive worm disabling thousands or hundreds of thousands of networks.
  • The tools could be used by almost anyone to “hack into” or leak sensitive information like conversations or emails from hundreds or thousands of organizations around the globe (this was the purpose of the tools, after all).
  • There are perhaps more tools that will be leaked, and this could happen very soon.
  • The tools are very simple to use, requiring very low technical sophistication to operate.


What do you think about Shadow Brokers and Cyber Weapons? Reach out to us @jasklabs on Twitter with your thoughts.

Article by Greg Martin, Co-Founder and CEO of JASK, a Silicon Valley-based startup building AI for Cyber Security. Follow him on Twitter: @gregcmartin