Most companies and consumers are unaware of client-side malware attacks–but they should be. This rapidly growing threat bypasses traditional security solutions and infrastructures and can cause significant damage to website, damaging company’s business, loyalty and trust and manipulating user experiences while remaining largely undetected. Namogoo is a security startup that is certain to disrupt the industry by using Machine Learning to detect and resolve client-side threats. Recently, we had the opportunity to interview Chemi Katz and Ohad Greenshpan, the CEO and COO and co-founders of Namogoo about this revolutionary approach to security, and their mission to partner with CDNs.
Tell us about your background?
Chemi: I have about 20 years of experience in security, commerce, and advertising. I was previously the General Manager of DoubleVerify Israel, head of cloud and security at LivePerson, CIO and CISO at Aladdin, and head of security sales at Bynet.
Ohad: I have a PhD computer science and worked for many years at IBM, where I worked in their Research Labs, and was one of the founders and leaders of the Serious Games domain, worldwide, and the CEO and co-founder of Fashioholic. We both come with strong backgrounds in security, e-commerce, big data, and we complement each other in many different ways. We are both passionate about building technologies that generate significant impact.
How many employees do you have and when were you founded?
Namogoo was founded in August 2014, currently has 15 employees and growing rapidly. We are very selective in the employees we bring on board. An all-star team – all are super smart, creative, built from the startup ingredients and experts who come from the relevant experience and backgrounds.
How much venture capital have you raised?
We currently have six million dollars, and our lead investor is Blumberg Capital. They are a leading San-Francisco based venture capital firm with great traction and successes in the security, cloud and fintech spaces.
Could you give us a brief introduction to your company?
Namogoo creates a new layer of security that protects companies’ online assets from client-side threats. Namogoo is a market disruptor and, with a unique technology, looks at security problem from a big data perspective. Most security companies try to address the problem by identifying the malware, installing it, and attempting to reverse engineer a solution. The foundations of our company, however, are Machine Learning and Big Data which makes the tech very robust and scalable and can be launched for any client, any vertical, any geography and platform. With every launch of a new client we don’t have to learn the malware. The whole approach is data-driven and automated. We are starting the revolution from the top by going to the big companies, and we’ve gained a lot of traction with Fortune-50 to Fortune-500 companies.
We see client-side security as an interesting story because when we come to clients they don’t know about the problem. They don’t see the impact of these threats because the problem exists on their customers’ computers, and these customers may not even know they’re infected. In the majority of cases they don’t call customer service to complain. In other cases where they do complain – complaints do not always reach the top management. We do see a significant decrease in customer complaints after the technology is deployed.
We are the first company to educate the market that the problem even exists. It’s a tough goal on one hand but exciting on the other hand. As a leading company, you always want to be a disruptor, not a joiner. That’s where you create the impact, you define the rules and you lead.
What’s the security problem you’re trying to solve?
We provide a new security layer that protects companies from threats coming from end-customers’ side – either their computers, devices, browsers or network. These threats can be malware that the customers have installed on their device, unknowingly, or wifi network. These attacks may affect your experience with any website; your session and bank account might be hijacked while attempting to purchase products off a company’s website. We also leverage our Machine Learning technology to detect and mitigate automated attacks collecting intelligence or conducting fraud activities through headless browsers. The threats might come from the computer or from the network, for example, if you connected a clean computer to a non-secure WiFi that has been hacked.
Namogoo is a business-to-business company that provides a new security layer for our clients’ websites and provides them with visibility and protection against this new type of threats.
What sets you apart from other security companies?
Most security players focus on providing protection on the server side or with infrastructure, or they help protect a company’s employee devices. Our space is on the end-customer side. It’s interesting because first, if you’re a company, you might have thousands of employees, but tens of millions of customers. So we’re dealing with a different order of magnitude of threats. Second, the companies cannot enforce customers to install any software to address these threats. For companies who have tried this, the install rate is very low. Third, there is great variety in the types of attacks because we, as users, are mislead to download all kinds of things to our computers and devices and we connect to non-secure networks. We torrent, visit unsafe sites, use non-secure WiFi in coffee shops, download pirated software that could be banded with other software and infect us.
And once we are infected, we could go to a company’s website and the session is compromised. The session gets injected with code or widgets that are not part of the original session. So the value we can bring by removing those threats is endless.
What we provide is tech that is deployed and protects web sessions from client-side threats. Think about it like a session file: it comes with the session and leave with the session. We are deployed on the company’s website/application, providing the company a security layer to protect the website from any kind of threat coming from its customers.
Do you provide software or cloud service?
Namogoo is a cloud service that you deploy through adding a Javascript code. Alternately, a CDN could provide the code to all of its clients as a significant added value over competitors.
How do you deal with website vulnerabilities?
Any website is vulnerable from the client-side, the customer is vulnerable and serves as a vector of attack to manipulate the session he or she does with the website. Any server-side or platform-side solutions companies implement would be useless from this perspective. One major type of attack is from social engineering threats, like fake surveys or phishing, which manipulate your experience as a customer and mislead him or her to provide sensitive data. So in this case, if you were to go to a bank site, you might see a survey that has been injected into the page. The goal of the survey is to ask sensitive questions about your data and purchasing habits, gather that data, and send it back through their servers. Another way they might obtain that data is to offer a deal, but tell the customer to provide details about them first “so we know you are who you claim.” The major threat to the company is the trust issues it creates in the customers, but it also distracts customers from their actions on the site. It’s a weird behavior that you have as a customer, because it makes customers think it came from the website. There would be no way to even see it happened.
What is the entry-level price for your services?
We provide a tier-based pricing model that is based on volume. Namogoo provides two products with a different set of capabilities, CyberKnight for financial services companies and DigitalKnight for eCommerce and Publishers.
Could you give us some other examples of types of client-side attacks?
Other examples are ad injections – banners, pop-up ads, in-text ads and product recommendation widgets that encourage shoppers to download software or to shop at a competitor site. This malware manipulates the session and affects the visuals, pushing things down, covering things up, etc. They can make significant damage to the site’s appearance.
Another is affiliation hijacking, which creates a leakage of marketing money. This injects notes for products of the same company or redirects without any visual and adds an affiliate code to the URl, making notes to pay commission for traffic it hasn’t brought. Companies end up paying to players they aren’t supposed to pay for non-services.
Authentication fraud is well-known threat for financial services companies and banks. This, for example, would be a short script that has no visual presence but monitors key strokes and steal sensitive data. It’s like a keylogger: any login info, anything you type would be monitored by this script. This is a backdoor for hackers to take your credentials that requires no confrontation with the banks’ security solutions and infrastructures implemented on the server-side.
There are also ways accounts can be taken over through Remote Access Tools. You might get a malware message that says to wait while security settings are checked. While you wait, your account is taken over–they wire money and close the application.
Bots are another client-side threat, which work at the application layer. Client-side bots that run through headless browsers cannot be detected by the server-side tech that various tech companies use to classify malware, but we can identify if a current user is a bot.
How do you identify malware and bot? Is it through baselining traffic or some sort of fingerprinting technology?
From the client perspective, it protects the app–our clients don’t need to install any on-premise solution and there is no need to configure policies manually. It is all based on Machine Learning and is therefore designed to handle zero day attacks. All they need to do is integrate one line of Javascript into their website. From a maintenance perspective, they don’t need to maintain anything; we designed our system to be agnostic and do handle any AB test the website is doing in parallel, so clients don’t need to update their system or notify us. We utilize Machine Learning, so our code learns malware patterns from session to session, so from the client’s point of view, they don’t have to do anything; they’re just protected. With every client we bring onboard, everything is automatic on our end. Our code will learn the model of the client and learn how to detect anomalies and block them in real time. The technology is a great fit for CDN vendors as it is 100% scalable, distributed, automated and robust.
What kind of analytics does the platform provide?
We provide robust analytics and drill down metrics that are visible in a dashboard We have clients worldwide, and we can provide them with numbers about infected pages, bot sessions, infection rate, etc.–all split by category. Then for each category–for example, threats–you could see what occurred, who is doing it, and where they’re coming from.
You can also see what the injections look like based on your customers’ experience. Customers sometimes can’t see the page or the ads slow down the page. There might be broken ads that look bad. It’s a horrible customer experience, and can be severely damaging to your brand and your customers’ trust if the ad is for something weird or inappropriate. In some cases, there are video ads or Flash ads that will slow down the page significantly, or create an overlay on the whole page that prevents customers from clicking on anything. They can’t get to the original page unless they click on the malicious link first.
Namogoo is a Big Data company and invests a lot in data and we expose our data, anonymously, at a high resolution and both in real-time and offline, in various ways.