Skip to content

Chapter 8

Trust & Cybersecurity

Inspire confidence with a ‘digital trust at scale’ strategy. Understand your evolving threat landscape and swiftly address risks to evolve with adequate measures and ultimate security features.

Lock or Unlock the future?

Can the technologies presented here put us on the path to a better future? Or do they risk leading us down the wrong road? A look at the perspective of our experts.

On the right path…

The shift towards increasingly digital business and operational models is creating new vulnerabilities and risks. Without adequate security and compliance measures, organisations not only expose themselves to considerable damage, but will be unable to build the trust among their customers and employees that is essential for the widespread and sustained adoption of new digital services. However, the maturity of the tools and a growing awareness of the issues at stake may give reason to hope that cybersecurity will no longer be treated as a separate issue, but rather as a differentiating and value-creating factor from the moment new services are defined.

… or the wrong path?

Despite the continued fragmentation of security capabilities, the technologies and concepts are ready to address current and future cyber security challenges, but are the minds? Humans remain the weakest link in all cyber arrangements, and this cannot be solved by a pile of tools. Just as awareness of the dangers of the sea permeates every gesture and every decision on board a ship, the culture of cybersecurity must become a fundamental asset at all levels of the organisation, from strategic choices to daily practices.

Trust Cybersecurity

  • Adopt: 107. Aviatrix 108. Azure Sentinel 109. Checkmarx 110. CryptoNext 111. CyberArk 112. ForgeRock 113. Hashicorp Vault 114. Microsoft Defender 115. Omada 116. Reach5 117. UserCube

  • Trial: 118. Darktrace 119. Netskope

  • Assess: 120. CryptoSense 121. Deep Instinct 122. Devo 123. Lacework 124. Okta 125. Otorio 126. Salt

  • Aviatrix, Adopt

With each cloud vendor offering its own network connectivity tools while providing very few visibility tools, it is difficult to deploy consistent flow management, security or resource allocation policies in a multi-cloud environment. Aviatrix’s solution is to define a unified network and security architecture overlaying the different clouds. Hiding the specifics and limitations of each underlying cloud, Aviatrix gives network and security teams the visibility, control and power they had in their own data center. This allows them to deploy advanced and consistent network and security features such as endto- end encryption or active/ active mode for high availability across different clouds. Aviatrix also simplifies the adoption of a unified segmentation strategy based on traditional firewalls.

  • Azure Sentinel, Adopt

Azure Sentinel is a cloud-based Security Information Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) solution that centralises and processes the data collected by various security devices, and coordinates and optimises the technical and organisational response to threats. Using artificial intelligence and Microsoft’s experience in cybersecurity, Azure Sentinel provides analytical insight and automation capabilities that result in improved operational efficiency and a more robust incident response. Based in the cloud, Azure Sentinel easily supports changes in scope while keeping costs under control. Azure Sentinel is a solid and proven solution, particularly at ease in predominantly Microsoft environments.

  • Checkmarx, Adopt

Application security starts at the code level, which must leave as few gaps as possible for perpetrators. Checkmarx offers static code analysis (SAST), interactive code analysis (IAST) and dependency analysis (OSA) tools that identify vulnerabilities, assess their level of criticality and suggest remediation actions. With the recent acquisition of Dustico, a software supply chain security specialist, Checkmarx relies on the complementary expertise of its partners – such as Devoteam – to help developers filter the results by providing them with really useful recommendations, and by accompanying their increase in skills on good security practices, notably through CodeBashing, the e-learning tool. It is not uncommon to observe a rapid reduction of 50% to 70% of vulnerabilities.

  • CryptoNext, Adopt

It is well known that the traditional public key encryption devices (RSA-2048) will not withstand the quantum computers announced for 2023. Some hackers are therefore already collecting encrypted data and intend to decrypt it as soon as they get that power. Fortunately, research has uncovered mathematical problems that can defeat quantum computers. The French startup CryptoNext has used one of them to develop a hybrid post-quantum cryptographic library to protect itself today from classical computers and, when necessary, from quantum computers. Companies with sensitive data (health data, intellectual property, etc.) with a lifespan of more than fifteen years should be aware of the emerging quantum risk and evaluate CryptoNext as a means of coping with it.

  • Cryptosense, Assess

With the multiplication of cryptographic uses, it becomes necessary to centralise information in order to have complete visibility of keys, algorithms, protection mechanisms, etc. Without this, there is a risk, for example, of using a key that is out of date with respect to internal policy and/or the regulatory framework, and thus creating a vulnerability. A pioneer in Cryptography Lifecycle Management (CLM), Cryptosense provides inventory, management and compliance monitoring of cryptographic resources. Designed primarily for security teams, Cryptosense is also an operational tool that allows developers to use cryptography in a simple and secure way. Cryptosense’s solutions are primarily designed for mature companies, such as banks, healthcare and sensitive industries, where encryption control is a major issue.

  • CyberArk, Adopt

For hackers, confidential information (passwords, certificates, encryption keys, etc.) and the rights of privileged accounts (administrators, managers, etc.) are priority targets, as obtaining them can immediately give them considerable power. This very specific information therefore requires reinforced control and separate management. Recognised by Gartner as a world-class leader in this delicate area, CyberArk offers a centralised and automated privilege as well as a secret management platform that covers all identities, endpoints and systems in all types of scenarios (hybrid, multi-cloud, SaaS). CyberArk helps to protect against identity and rights violations (involved in 80% of cyber attacks), to comply with regulatory requirements, and to secure digital collaborative processes without burdening them.

  • Darktrace, Trial

A pioneer in the use of AI for cybersecurity, Darktrace identifies unusual behaviour as well as threats that have already been identified. Thanks to machine learning, Darktrace can accurately characterise the usual functioning of the information system, extended to the cloud, and thus immediately detect suspicious anomalies with very few false positives. This innovative approach allows us to respond as early as possible to all attacks, including the most sophisticated. Darktrace offers a detection solution (Enterprise Immune System), which can feed a SIEM; automatic remediation solutions (Antigena Network, Antigena Email), which respond in a rapid, targeted and proportionate manner as soon as a threat is detected; and Cyber IA Analyst, a solution that filters, reconciles and synthesises security information to facilitate and accelerate its analysis by teams.

  • Deep Instinct, Assess

The objective of cybersecurity has always been to intervene as quickly as possible after the detection of incidents, but Deep Instinct proposes to go even further and stop them before they even take place! Thanks to deep learning, the Israel-based editor believes it is possible to detect the early signs of a malware deployment, even an unknown one, and to block it in less than 20 ms, i.e. before it has had the time to start executing. After focusing primarily on the security of information system entry points, Deep Instinct is now extending its preventive approach to the main attack vectors: files, applications, gateways, etc. Although the concept is very attractive, the solution is still in its infancy – and costly – and must therefore be evaluated in an operational context.

  • Devo, Assess

Devo is a modern, cloud-based, next-generation SIEM (Security Incident Events Management) system that is easy to deploy and has very strong analytical capabilities to process data from security tools in real time, detect incidents and assess threats based on context. Its flagship reference, the US Air Force, attests to its strength and performance. In addition to security, Devo also provides a real-time view of the functioning of the information system and analyses its use and performance to optimise operations. Finally, Devo offers an attractive pricing model, which could widen access to this type of solution, usually reserved for very large accounts. This would in any case be invaluable for small and medium-sized companies, which are particularly affected by the delays they often experience in detecting incidents.

  • ForgeRock, Adopt

ForgeRock is an identity and access management (IAM) solution that secures the access of people and entities to all systems and applications, on-premises and in the cloud. ForgeRock’s comprehensive platform includes identity governance and administration, identity federation, multi-factor authentication (MFA), single sign-on (SSO), consent management, API and endpoint security, and many more. Initially built on Sun OpenSSO, it is also a tool that has proven its robustness, flexibility and performance in the most demanding business environments such as banking, healthcare and telecoms. Today, ForgeRock, which was founded in 2010, is the only IAM provider ranked as a leader by the three main analyst firms.

  • HashiCorp Vault, Adopt

HashiCorp Vault is a tool for centralising the secrets (passwords, certificates, encryption keys, tokens, etc.) needed by applications to access protected resources. Secrets are stored, encrypted and auditable. HashiCorp Vault manages their generation, rotation, renewal and destruction in an automated manner in accordance with corporate security policies. This allows the life cycles of secrets and applications to be decoupled, as applications only need to be authenticated to access secrets. This means that developers no longer have to know about them, copy them, hard-code them or worry about them expiring, resulting in considerable productivity and security gains. However, the implementation of such a centralised management of secrets has significant organisational impacts and requires support.

  • Lacework, Assess

Lacework uses data and AI to improve cloud security. Its technology, called Polygraph, continuously monitors the application environment and identifies deviating behaviour. Thanks to the data at its disposal, the solution is then able to analyse the origins of the anomaly and assess its level of criticality before launching an alert, if that’s necessary. The finesse of the analysis allows it to eliminate false positives and to focus on the most critical incidents, which Polygraph allows to treat with all the more efficiency as it provides a detailed report on their nature, their origins and their implications. This close monitoring also makes it possible to follow the evolution of the configurations of the various components and to indicate when they are not in conformity with the rules of the company.

  • Microsoft Defender, Adopt

Microsoft Defender, the former name of Microsoft’s antivirus, now refers to Extended Detection and Response (XDR) technologies dedicated to the user environment. Microsoft Defender prevents, detects and neutralises threats to identities, terminals, applications, e-mails and documents, relying on artificial intelligence and the expertise that the supplier draws from its vast installed workstation base. Microsoft Defender stands out for its effectiveness against malware and the exploitation of security holes, its speed of reaction and its low false positive rate. Thanks to its agent-based architecture, it works on all types of terminals without burdening their resources. The solution has matured considerably since its launch and is now considered by analysts to be a frontrunner in endpoint security.

  • Netskope, Trial

Netskope is a leading player in SASE (Secure Access Service Edge), an approach to cybersecurity that addresses the atomisation of systems and usage in the cloud era. SASE is a cloud-based security architecture that delivers the network and security services needed to protect data, applications and users in a context-sensitive manner, without compromising experience or performance. Netskope’s Cloud Security Platform provides the essential building blocks of a SASE model: Zero Trust Network Access (ZTNA), Secure Web Gateway (SWG), Firewall as a Service, Cloud Access Security Agent (CASB), Continuous Monitoring of Cloud Services (IaaS, PaaS, SaaS), Data Leakage Prevention (DLP). As part of a Zero-trust approach, Netskope gives security teams back control over every application transaction, whether it is performed on internally hosted applications or on external platforms (SaaS, IaaS or PaaS).

  • Okta, Assess

Already a recognised reference in identity and access management (IAM) and ranked by Gartner as one of the leaders in the field, Okta has further strengthened its position with its recent acquisition of Auth0, a specialist in customer IAM. Around its Identity as a Service platform (IDaaS), Okta provides all the necessary building blocks to secure and simplify connections for all types of users: workflows and simple provisioning, identity lifecycle management, directory, access controls, Single Sign-On (SSO), securing APIs through access, securing access to resources in hybrid and multi-cloud infrastructures, and more. In particular, Okta enables the implementation of ZeroTrust approaches that maximise security in complex digital environments. Devoteam is an Okta partner.

  • Omada, Adopt

As organisations migrate to the cloud, they need visibility into every platform, application, service and user. Cloud governance is a set of policies and controls to manage user access, compliance, and reduce security risks in a multi-cloud environment. It must include the discovery, modelling, management, and control of access to all applications, resources, and data in the cloud. The Omada Identity Cloud SaaS solution provides identity and access governance, risk management, compliance, role-based access management, and process governance services. It enables organisations to ensure compliance, reduce risk exposure and maximise efficiency by providing policies, processes and solutions to meet governance requirements. Omada is considered a leader in the identity governance and administration (IGA) market by analyst firms Gartner and Forrester.

  • Otorio, Assess

Accelerated by the rise of 5G and IoT, the convergence between information systems (IT) and industrial systems (IoT) poses increasing threats to the latter. Israel-based Otorio focuses on this emerging issue with three solutions. The first is RAM2, a Security Orchestration, Automation & Response (SOAR) platform that inventories equipment, centralises data from sensors and security tools, assesses risk and compliance, and takes appropriate action. The second is spOT, which manages the risks and vulnerabilities of individual devices, including those isolated from the network. And the third is remOT, which secures the connections of remote users, for example during maintenance operations. For manufacturers, this is a player that deserves to be watched with all the more interest as it has few competitors.

  • ReachFive, Adopt

As a key step in the customer journey, authentication must be seamless enough to not compromise the user experience and secure enough to inspire trust. ReachFive meets this dual requirement with its Customer Identity and Access Management (CIAM) platform, which manages identity and consent management, authentication and access control, and identity federation in multi-channel and multi-brand journeys. ReachFive also connects to back-offices (CRM, marketing, etc.) to enhance the value of connection data and personalise the experience. ReachFive is a French provider with a large number of references in the retail sector, validating the relevance, reliability and robustness of its solution, which is able to withstand heavy seasonal loads. According to Forrester, the ROI of the ReachFive solution can reach 333% in 3 years.

  • Salt, Assess

The proliferation of APIs creates new offensive domains that are less and less controllable manually or with traditional tools such as Web Application Firewalls (WAFs). Dedicated to API security, the SALT platform collects all API traffic in order to map their endpoints, identify the nature of the data exchanged and detect anomalous behaviour. SALT enables security teams to detect API vulnerabilities, assess the risks, and respond quickly and effectively. Although still in need of development, SALT is an innovative solution that fills a blind spot in security systems and earns the attention of companies, like those in the banking sector, for example. However, SALT is primarily intended for organisations that are mature in application security and already have a SOC/SIEM.

  • Usercube, Adopt

In large organisations with high staff turnover, it is vital to keep rights and entitlements up to date. Without it, there is a risk of disrupting the business by denying legitimate actions or, on the contrary, of weakening security by leaving unauthorised rights open. Thanks to its IGA (Identity Governance & Administration) solution, Usercube enables the automation and reliability of the complex and time-consuming management of authorisations and access. Connected to source systems (HR, general services, etc.), the solution allows for the establishment of user identities, can use artificial intelligence to create and assign the appropriate authorisations and open up the corresponding rights in the applications. Regular renewal ensures that rights are up to date, while a management system provides a 360° view of individual rights and manages special cases.