Real-world examples of Invincea at work.

Client Stories

Invincea is at work protecting some of the largest corporations and governments in the world.

Our solutions are in place across both the private and public sectors. Within the private sector, we are working with many Fortune 1,000 companies and have developed domain competency in the high tech, pharmaceutical and healthcare, oil and gas, financial services and transportation sectors, to name a few. Our breach prevention platform helps these organizations combat tenacious, persistent threats and keeps their intellectual property safe. Within government, Invincea works across the civilian and DoD domains to help combat sophisticated cyber espionage attempts and keep these agencies and departments focused on their mission.

Take a look at a few case examples of the Invincea solution at work:

Breaking the Infection/Remediation Cycle  

As the news unfortunately shows us, corporations are falling victim to cyber breach at an alarming rate. Invincea is often engaged by corporations after a breach has been detected to assist in preventing reinfection.

The Problem: A prominent organization had fallen victim to a clever spear-phishing attack seemingly originated by a Nation State actor. The organization became aware of the attack months after the fact, with a great deal of damage already done. They immediately set to work to remediate the problem. Massive amounts of unbudgeted time and money were spent to root the adversary out of the network…and the realization came quickly that the adversary would not stop coming. Something needed to be done to protect the organization’s employees from falling victim to future spear-phishing attacks and training was not an effective answer.

“Invincea does exactly what they claim – kills malware in its tracks.”

The Invincea Solution: The security team spent a great deal of time looking for an advanced malware solution – and talked with the vast majority of vendors in the space. They heard a lot of promises and ran a number of proof of concept engagements that failed to deliver.  Invincea was recommended to the organization by a leading Incident Response firm – and at first the client had a great deal of skepticism – until Invincea engaged in its five day malware challenge.

Invincea has an easy way to test the breach prevention platform and we do it against live malware. We like to say that our proof of concept engagements could be over in minutes.

  • We work with the Security Operations Center (SOC) team to deploy our endpoint application to a small number of desktops.
  • We turn on our intelligence capture platform (Threat Data Server)
  • We invite the team to hit live malware…the results are often mind boggling.

We were able to show the client exactly how malware bypasses other layers of their defense-in-depth and show Invincea killing attacks directly in its tracks. We showed powerful integration to technologies like ArcSight and NetWitness and from there the decision was made.”Invincea does what is says it does – let’s roll to the entire enterprise!

Lightning Fast Return on Investment (ROI)

Justifying security expenditures is often a difficult task – how do you quantify the savings of a thwarted breach? How do you recognize cost reduction against security and IT related tasks? How do you assess the impact of downtime?

Working with one of our clients – a large government agency – we were able to uncover the raw numbers behind the questions above and more. Using their own data – signed off on by their financial department – we were able to demonstrate an incredibly fast and sizeable ROI.

“Invincea paid for itself in six months!”

The Problem: The client found itself in a constant battle against malware – many of the attacks driven by Nation States, some apparently more geared to cyber crime. More than 1,300 incidents requiring re-imaging of employee machines happened in one year alone – at a cost of roughly $3 million dollars. Some of the more sophisticated attacks required expensive network remediation. Each incident took roughly 14 days from start to finish – driving significant employee downtime.

The Invincea Solution: The client conducted an initial proof of concept with Invincea that left them very impressed. They set out to deploy across the entire agency using the following cost justification.

  • 40 hour of IT admin work per incident | 20 hours of lost productivity = $3 million per year
  • 95% of the incidents related to malware encountered through the browser or email client  = Invincea eliminates $2.8 million in costs per year
  • When factoring in the cost for Invincea licensing, the agency saw a payback period of six months

Restoring Services to a Massive Workforce

In cases of severe infection, Incident Response firms may advise taking drastic action – such as pulling down Internet and email access for whole divisions or even the entire firm. Once the situation is remediated, life seldom returns back to normal for the organization and its employees. Access to content is often limited so much that employees suffer massive productivity losses and become somewhat disgruntled. This was the case with one of our client organizations.

The Problem: The firm had suffered repeated attacks coming in through the web browser - and given the sensitive nature of their business had taken the drastic step of pulling thousands of employees off the Internet. Obviously, this caused a significant impact to productivity during the remediation period. When access finally was restored, many sites were blocked – Facebook, Twitter, LinkedIn, personal email clients such as Gmail and Yahoo!…none were available to employees. With a young workforce and a progressive outlook related to work/life balance the company found itself in a bit of situation. How could it give employees back what they were looking for and still reduce the security threat from the Internet?

“We get the best of both worlds – employees have free access, our business is secure.”

The Invincea Solution: At Invincea one of our core value propositions is that we give the employee the unfettered access to the Internet that they want/need – without trading off security. Our philosophy is simple yet elegant – protect the user from all untrusted content by putting them in a bubble – segregate malware from the host operating system by putting it in an airlock.

The client was thrilled with our initial engagement – where we showed that the user was not required to change behavior in the slightest, yet the business could rest assured that malware (whether known or zero-day) would be stopped in its tracks. We’ve not yet reached full enterprise deployment with this client but for the divisions we are supporting, access to the Internet is unimpeded.