CyFlare Announces Managed Remote Access Service & Advanced DLP Security Features

Rochester, NY, March 29, 2019 — CyFlare has announced it will be providing subscribers a new remote access service, powered by TransientX, for organizations that need to publish internal applications to employees or contractors without a VPN and its frustrating end-user experience.

The solution allows users to connect on demand or leverage application networking to seamlessly connect to internal applications that normally require VPN and other remote access solutions that generally introduce significant and unnecessary security risk to organizations.

CyFlare Remote Access allows Windows, iOS and Android users to authenticate with the cloud-based service, communicating only with a connector that sits privately inside the network. This connector brokers communications with the requesting clients, allowing no public exposure, no VPN and fully federated authentication options.

A key differentiator of the offering is a set of advanced security features tied directly into the CyFlare SOC, including keylogger and screen capture prevention along with clipboard protection. The solution is directly integrated into the company’s SOC In A Box appliance series, allowing clients to simply have CyFlare turn on the service within minutes when needed.

“In cases where organizations are simply enabling remote workers access to internal applications, traditional VPN or SSL VPN options introduce significant security risks, costs and undue management burden. Additionally, these applications are typically sensitive and the security telemetry the SOC receives directly allows us to add significant value by reducing TCO, improving end-user experience, enriching SOC visibility and investigation quality,” says Joe Morin – CEO & CTO CyFlare.

“Legacy solutions like traditional VPNs or SSL VPNs are not designed for the Cloud and BYOD era we live in today. “Trust” is embedded in the fabric of the networks built by these solutions and as recent high-profile breaches like those of Travelex and Airbus showed, extending this inherent flaw to 3rd party vendors and users is a recipe for a data breach disaster. With a top 100 MSSP like CyFlare, we will be able to offer managed zero trust network access services to enterprises of any size as a radically simple solution,” says Egemen Tas – Founder & CEO TransientX.

The company is encouraging partners to reach out and request a trial to see for themselves the power of the platform and service.  Clients interested may reach out to their local Value-Added-Reseller or contact CyFlare directly for an introduction to one of the trusted partners in their area. More information is available here:

About CyFlare:

CyFlare is a 24×7 Cyber Security Operations Center purpose-built to enable Value Added Resellers, security partners and security vendors with MSSP and XDR services, either as "powered by" or as a white label service. CyFlare enables VARs who cannot afford to invest or don’t have the desire to focus on building those capabilities. It offers these benefits with no up-front investment or expertise required. CyFlare offers a wide array of other managed security services on mainstream vendor security solutions to augment partner capabilities when and where needed.

About TransientX:

TransientX, Inc is a zero-trust application networking company that provides a suite of products that help organizations transition from device centric networks to user & application centric networks while leveraging Zero Trust networking architectures.

# # #

If you would like more information about this topic, please contact Lola Ignatowski @ [email protected]

6 Things IT Admins Should Validate Right Now

To CyFlare Partners & Clients

We know that our partners and clients depend on CyFlare for cyber security services. Due to the pandemic, and the havoc that is being experienced across the world, we wanted to offer up some preventive measures as a follow-up to ensure security compliance.

As IT organizations modify controls to enable business resumption for remote workers, along with changes to operations and Identity & Access Management, human error can result in misconfigurations and other uncontrolled actions. IT groups are being tasked with getting employees and other remote services set up and running with new configurations.

Below are some “use cases” identified to make you aware of potential exposures created by emergency actions / reactions during this time. Please validate and address these areas to reduce potential exposures:

  1. Lock Down RDP – Triple check the access control lists responsible for limiting access to machines that allow RDP connections from the public internet. This is one of the most common but critical mistakes a security team can make. If you must expose a machine, be sure your whitelists are very explicit. We also have simple-to-deploy solutions that take away any requirement for public exposure of RDP.
  2. Scrutinize VPN – Watch for VPN tunnels set up to access the entire network while trusting everything and everyone. Be sure your VPN ACLs are heavily scrutinized and limit VPN users to just the specific items needed. Bad actors are extensively targeting VPNs for obvious reasons.
  3. Scrutinize Firewall ACLs – Misconfigured firewalls may expose specific groups, users or machines to the Internet. This allows for scanning, brute forcing, exploit delivery and additional reconnaissance that must be avoided.
  4. Identify & Monitor Unmanaged Devices – Allowing unmanaged machines or devices to access corporate networks and resources unrestricted creates irregular and dangerous situations and allows for countless possible catastrophic scenarios. Monitor constantly and with paranoia; anomalous internal and external traffic must be investigated immediately, particularly if it involves an unmanaged machine.
  5. User Behavior Analysis – User behavior and login activity monitoring is now more complicated to interpret due to the remote workforce. Keenly check for any UBA related detections such as login location anomalies, application usage anomalies, payload anomalies, login time anomalies etc. Machine learning is now essential to capture these changing behaviors. Static analysis will not be effective.
  6. Force Endpoint Protection on All Devices – Not having a proper endpoint protection solution on unmanaged devices may lead to bad downloads, miscellaneous alarms and anomalous processes that in turn cause data leakage, loss of confidential information, harvesting etc. This activity is still visible in the network, because the traffic is captured by the sensor and may trigger alarms.
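
As an added illustration of items 1 to 3 (not part of the original advisory and not CyFlare tooling), the Python below audits a firewall rule export for RDP reachable from broad external sources, VPN pools allowed to the whole network, and services open to any source. The rule format, the VPN pool `10.99.0.0/24`, the /24 cut-off for an "explicit" whitelist entry and every sample rule are assumptions constructed for the example.

```python
import ipaddress

RDP_PORT = 3389
MAX_EXPLICIT_HOSTS = 256  # assumption: a /24 or smaller counts as an explicit entry
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
VPN_POOL = ipaddress.ip_network("10.99.0.0/24")  # assumed VPN client address pool

# Constructed sample export: (name, action, source, destination, (low port, high port)).
# The format is hypothetical; 198.51.100.x and 203.0.113.x stand in for public sources.
SAMPLE_RULES = [
    ("rdp-any",    "allow", "0.0.0.0/0",       "10.0.5.20/32", (3389, 3389)),
    ("rdp-vendor", "allow", "203.0.113.10/32", "10.0.5.20/32", (3389, 3389)),
    ("rdp-broad",  "allow", "198.51.100.0/22", "10.0.5.0/24",  (3000, 4000)),
    ("vpn-all",    "allow", "10.99.0.0/24",    "10.0.0.0/8",   (1, 65535)),
    ("vpn-app",    "allow", "10.99.0.0/24",    "10.0.8.15/32", (443, 443)),
    ("web-public", "allow", "0.0.0.0/0",       "10.0.1.10/32", (443, 443)),
    ("rdp-block",  "deny",  "0.0.0.0/0",       "10.0.0.0/8",   (3389, 3389)),
]

def is_internal(net):
    """True when the network lies entirely inside RFC 1918 space."""
    return any(net.subnet_of(block) for block in INTERNAL)

def audit(rules):
    """Return (rule name, finding) pairs; each allow rule is judged on its own,
    so rule order and shadowing by earlier denies are not evaluated."""
    findings = []
    for name, action, src, dst, (low, high) in rules:
        if action != "allow":
            continue
        src, dst = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        broad_src = src.num_addresses > MAX_EXPLICIT_HOSTS
        if low <= RDP_PORT <= high and not is_internal(src) and broad_src:
            # Item 1: RDP reachable from a wide external range, port ranges included
            findings.append((name, "rdp-exposed"))
        elif (src.subnet_of(VPN_POOL) and (low, high) == (1, 65535)
              and dst.num_addresses > MAX_EXPLICIT_HOSTS):
            # Item 2: VPN clients trusted with every port on a large network
            findings.append((name, "vpn-overbroad"))
        elif src.prefixlen == 0:
            # Item 3: any other service open to the whole internet needs review
            findings.append((name, "internet-facing"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_RULES):
        print(f"{finding:16} {name}")
```

The `rdp-broad` rule shows why port ranges matter: it never names 3389, yet its 3000-4000 range still exposes RDP.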

All of these increase attack potential and can lead to account takeovers, privilege escalation due to accessibility / usability, suspicious IOCs and many other use cases that may not have been thought through.

At CyFlare, our analysts are aware that clients are making various changes to their environments, and we want to ensure your IT organizations review all changes to avoid incidents. We look at the areas outlined above as part of the initial steps of our triage process in incident response.

Thank you for being a CyFlare client and entrusting us with your Cyber network threats and security needs. These are challenging times, but I want you to know that we stand ready to help however we can. We understand the critical role we play in the Cyber Security of our partners’ and clients’ infrastructure and we are continually humbled by the trust you place in us. Together, we will get through this.

Please subscribe, if you have not already, to the CyFlare Trust page to receive continued updates and instant notification should there be any disruption to service or related communications.

Maneesh Thammishetti
Platform Architect
CyFlare, LLC

Straight Talk On Mid-Pandemic Cyber Security


I have been thinking for a couple of weeks now about what I wanted to share, how it should be shared etc. I am glad I thought instead of writing and sharing in haste.

As it relates to enabling knowledge workers to remain productive and secure while remote, it should have been a non-event.

What I’ve seen is propaganda by vendors, reaction and regression with clients. None of it was necessary. That said, we do have many clients who have done a world class job preparing and reacting. They knew enough to look for help ahead of time and that says a lot!

Clients have repeatedly asked me what this means for CyFlare and how it will affect service. Even when the questions came to us early and a few details were still to be laid down internally, the answer was still quite simple because the answer is the same for us without the pandemic situation.

We have policy, we have controls, monitoring and an incident response plan in place for 365 days a year, not for a pandemic. Writing a couple of internal / external communication emails and deploying updated hardware to staff is really the net of the impact, for us at least.

The Point

In the cyber security context, today’s “remote workforce” problem is not due to the Pandemic, it is due to an organization’s collective failure to do the right things one day at a time over the last few years.

How do projects get years behind? One day at a time is the answer. To follow that up, there is a Polish saying: “Sleep faster, we need the pillows”. Therefore, it cannot be expected to rush through what should have been years of planning and doing in a couple of days of scrambled activity.

Transitional Starter Kit

There is no silver bullet but here are things that just have to be done. It does not have to be hard or expensive either. For the resources responsible for IT and / or Security here is some straight talk guidance:

People and Process Items

All organizations have varying levels of maturity, compliance drivers, associated risks, personality, culture etc. The reality of the list below is that whether you have done, will do or will not do them will certainly vary. That said, they simply all need to be done.

  1. Determine and prioritize your organization’s goals and fears
    1. Identify what your organization is trying to do, why and when
    2. Take inventory of what your organization fears as it relates to security, compromise, loss of data, systems etc…
  2. Communicate and educate leadership
  3. Ask leadership for decisions
  4. Create / Update Info Security Policy and basic related procedures
  5. Get informed about departments, roles, systems and needs
    1. Helps identify least privilege strategy
    2. Helps prioritize access and deployment

Security Control Related Items

  1. Protect your accounts!
    1. Enable MFA, like seriously, enable MFA
    2. Monitor every system you care about for authentication & action activity
    3. Know your accounts
      1. Who does what, when, from where, to what, etc.
      2. You need to know your baseline / normal, otherwise you won’t know the anomalous
  2. Deploy Full Web Proxy – Cloud Based
    1. Every connection to / from the internet must be fully inspected
    2. Every machine, protected from anywhere, same policies, everything logged
  3. Deploy Advanced Endpoint & EDR
    1. Last line of defense – make it a great one
    2. Control USB & Bluetooth, enable firewall etc.
    3. Ensure you have visibility to everything on the endpoint
  4. Kill your end user VPN, there is a better way
    1. Connect your people with apps intelligently and far more securely
  5. Know your vulnerabilities
    1. Scan your systems, get them patched / updated
    2. This is inexpensive and easy to do
    3. Start with public facing apps, machines, etc.
  6. Monitor everything you decided you cared about (or feared)
    1. Get in the knowing business, collect knowledge
    2. Determine Metrics

Continuous Improvement

Take your knowledge and metrics and apply them back through the mentioned steps.

Current events are forcing a scramble to do what should have been done all along. A proactive cyber security program and vigilant execution of it are not optional. Several well known frameworks exist that lay out layers of detailed directives addressing many other processes, activities and controls that can take you further.

Cyber Security Community Support Program

In response to the global pandemic and massive movement to a remote workforce, CyFlare is offering consulting and solutions to Rochester area organizations who are looking for guidance on how to securely enable their remote workforce.

We are committed to supporting the greater Rochester area and doing our part while we all work through these new circumstances. We will prioritize essential services such as municipal, education, healthcare etc… and reserve the right to refuse assistance to protect the service delivery of our current clients and honor commitments made.

Given the nature of our business we work exclusively and extensively with our technology partners.

We recommend organizations reach out to any of these partners in the area to get us engaged:

You may also reach us directly at 877.729.3527 or via live chat on our website.

The details of the offering are as follows:

  • Free deployment and usage of our SentinelOne Complete advanced endpoint protection for 60 days, up to 25 endpoints per organization. 24×7 monitoring & incident response is not included
  • Free Security Posture Assessment and guidance
  • Free AlienVault deployment audit for those clients who have AlienVault and want to make sure they have complete visibility
  • Free Darkweb scan against your organization’s email domain
  • Free usage of the Breach Detection System for 60 days
    • Choose one cloud integration to enable account takeover related activities (Office 365, GSuite, AWS or OKTA)
    • Windows agent deployment to domain controllers
    • Setup and knowledge transfer is included
    • 24×7 Monitoring & Incident Response not included
  • Free CyFlare Remote Access for 60 days – Get rid of your VPN and provide ultra secure access to your internal applications for up to 10 users
    • Does not include optional appliance for easy setup and deployment
    • Includes initial setup and knowledge transfer
    • Protects your users from key-logging, screen-scraping, clipboard tampering and soon, session recording (movie replay)

We look forward to supporting the community that has supported us.


Communication In Response to Covid-19 (Coronavirus) and Business Continuity

To CyFlare Partners & Customers

We know that you, our partners and customers, depend on CyFlare for your cyber security services. I wanted to send you a personal note to let you know how CyFlare is dealing with the COVID-19 (Coronavirus) global outbreak and emergency. Our foremost concern is for the health and safety of our employees that deliver our 24×7 services to you, our partners and customers. With this same priority, ensuring there are no business impacts to our services is made highly possible by our services business model.

About our Infrastructure & Work Force

CyFlare has made a significant investment in infrastructure to ensure all CyFlare customer facing services are cloud based to minimize service outages. CyFlare support is centrally provided by the Security Operations Center (SOC) located in Rochester NY, which is augmented with a remote site, with virtual working resources. The command and control are managed out of our SOC, and customer remote site will remain fully operational. With this operational model, the company’s workforce has the capability of working virtually, therefore we do not anticipate any business impacts due to COVID-19.

Although we do not anticipate any office closures, we cannot anticipate or control local State & Government decisions for work closures in Rochester, NY.  If we are mandated by local agencies to close our offices due to COVID-19, we would invoke our business resumption plans and direct the workforces (if affected) to work virtually.  Our command and control will still maintain oversight to the day to day operations and the support provided by CyFlare.

Continued Monitoring and Adjustment

At CyFlare, we recognize that in the coming days there will be a strain put on the infrastructure of all companies doing business (virtually) in our global workplace.  We will continue to monitor for changes in cyberthreat patterns and adjust our support focus as required to maintain the level of service provided.  Again, our SOC remains fully operational 24×7 and is continuously monitoring for any new security threats that may emerge.  To obtain a daily historical status of our services, we invite our partners and customers to visit our Systems Status Page at

Thank you for being a CyFlare customer and entrusting us with your Cyber network threats and security needs. These are challenging times, but I want you to know that we stand ready to help however we can. We understand the critical role we play in the Cyber Security of our partners’ and customers’ infrastructure and we are continually humbled by the trust you place in us. Together, we will get through this.

Joe Morin
Co-founder & CEO
CyFlare, LLC