Last month, Avis noticed that hundreds of thousands of customer data (including PII) had been exfiltrated. Hackers gained access to an Avis business application, and for three days (Aug 3rd to Aug 6th), they were able to access and exfiltrate data. On Aug 6th, Avis was able to oust the hackers from their systems, but not before 299,006 customers' personal information was stolen.
What If They Had Vorlon?
Avis has not shared many details on how this breach happened or through what type of business application. We have seen time and time again that not enough emphasis has been put on securing the traffic between organizations' (third-party) applications.
Most, if not all, third-party traffic does not go through an API Gateway or firewall, so it remains unmonitored. Because of this, most breaches go undetected for extended periods, allowing attackers to exploit vulnerabilities.
Vorlon monitors the traffic between your third-party applications and will alert you to new connections to your application or if sensitive data is being requested from it.
With Vorlon in place, both Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) are significantly reduced, enabling quicker identification and mitigation of threats, thereby minimizing potential damage and protecting sensitive information more effectively.
Learn more about how Vorlon can help and request a demo here.