Aviva Zacks
Aviva Zacks of Safety Detective enjoyed meeting with Benjamin Hosack, CCO and Co-Founder of Foregenix. He told her about his company’s FGX-Web, WebScan, and Serengeti.
Safety Detective: What motivated you to start Foregenix?
Benjamin Hosack: We worked in a great company that was acquired by a fairly large competitor. We had been beating that competitor in the local markets and felt that we had an edge that changed how we treated our customers, and how we managed projects. We felt we could do better and deliver a better service to our clients, so, in 2009, my partner and I stepped out and started the business with the objective of creating a better place for our clients and for our colleagues.
We’ve done quite a lot towards creating that. Many of our clients moved with us from the first company to the second, and they have been with us for a decade. I think that speaks volumes in terms of how we deliver our service and look after our clients.
SD: What does your company do?
BH: We have a very active forensic team that works within the payments industry. We do digital forensic and incident response services outside of the industry, but most of our work is related to the theft of payment card data. If an organization gets hacked, they are required to go through a forensic investigation to find out how much data was stolen, how, and where possible, who stole it. We’ve done a lot of forensic investigations, and, through seeing a large number of cases, we’ve been able to identify common issues within organizations.
The first issue that we detected was that a lot of the solutions which were designed to protect eCommerce sites were focused on big enterprise and not on the small to medium-sized businesses that didn’t have the technical knowledge or the experience, and couldn’t afford an enterprise solution.
SD: Can you tell me about your company’s technology and products?
BH: Our first technology was FGX-Web, which we still offer, and it uses what we call the Forensic Indicators of Compromise (IoC), which our team detects through the forensic investigations, to protect websites by alerting them when something malicious is taking place on their site.
Our second one was WebScan, which came alongside FGX-Web. We were seeing a constant stream of hacked websites coming through, so we felt that we needed to educate the market on website security. We created WebScan as a free scanner to give website owners insight into their websites’ security posture. We now monitor around 11.5 million sites globally on a monthly basis. We’re constantly scanning websites around the world, tracking malware trends, and seeing which platforms they are attacking. We also publish a Magento Security Report every two weeks.
The third one is Serengeti, which is an Endpoint Threat Detection solution. Essentially, it comes straight out of our forensic lab. We needed to do a forensic investigation years ago in South Africa on a couple thousand different endpoints across many different companies that had all been affected by a piece of malware that was harvesting payment data on point of sale (PoS) systems. The normal forensic approach would have required us to send an investigator to each location to take a copy of each affected system. Given the scale of the challenge, this required a different approach as it just wasn’t going to be feasible from a cost and time perspective. So we created Serengeti to enable us to deploy it widely across all the affected systems and receive telemetry back from those endpoints to tell us if there was malware sitting on those endpoints or not, and, in fact, it enabled us to stop those attacks from continuing.
It is an Incident Response solution and is used in almost every single investigation we carry out, but we also have clients that we are monitoring on a proactive basis because it provides us with greater visibility into their security posture than the typical solutions being used by banks, retailers/hospitality clients. The way we detect and categorize software enables us to very quickly identify something that’s not supposed to be happening on those endpoints. And then our Threat Intelligence Group jumps into action to help.
So those are our three solutions: FGX-Web for eCommerce; WebScan for eCommerce and organizations that have an eCommerce portfolio of clients; and Serengeti, which is an Incident Response and a proactive threat detection solution.
SD: What do you feel are the worst cyberthreats today?
BH: The small to medium-sized businesses out there have very little to defend themselves against criminals, who are quite adept at what they do. They know these organizations can be easy targets. They use tools that are designed to evade detection by normal antivirus/antimalware solutions.
A lot of businesses are getting robbed without even realizing it. And then once they get notified, they have massive liabilities associated with the data that’s been stolen. One part of our jobs that I find quite difficult is helping small businesses understand that there are potentially massive implications to them, which sometimes results in those businesses having to close. They can’t afford to keep going and pay the liabilities, and some of them lose the love that they had for their business.
SD: How do you think cybersecurity is going to change now that we’re living through this pandemic?
BH: With everybody moving to work from home, organizations have had to adapt and change their strategies. Cybersecurity has certainly come into focus with the pandemic, and as a result, I think it is fair to say that we should expect to see a significant uplift in demand for cybersecurity solutions and services.
Additionally, a lot of organizations have moved online during the pandemic. While it’s good that these companies are suddenly coming into contact with a potentially huge customer base, this new marketplace also exposes them to risks that many are not aware of, or even capable of detecting and managing. I expect that we will see a significant increase in the number of online businesses being targeted by criminals as a result.