
NYTimes GitHub Breach - And How Vorlon Can Help

What happened?

In January 2024, attackers obtained an exposed GitHub token and accessed NYTimes repositories. Leveraging the exposed secret, the attackers exfiltrated 270GB of data, including source code, IT documentation, and infrastructure tools.

None of the NYTimes' internal systems were exposed, but sensitive data about their freelancers was.

Today, a significant portion of traffic does not travel through your firewalls or API Gateway, especially communication between your third-party applications. This means you do not have visibility into how your sensitive data is being accessed and by whom.

What if they had Vorlon?

NYTimes was breached through a very common attack vector these days: a compromised credential. Since the attackers gained access to “valid credentials”, it is almost impossible to detect that a nefarious actor is leveraging the credentials.

Unless you have Vorlon. With Vorlon, the New York Times would have been alerted to the new connection to their system early, and Vorlon would have provided a few different alert types to notify them of the exfiltration of their data.

Here is a brief overview of some of those alerts:

  • Secret Sharing Detected - Vorlon will raise a new secret sharing detected alert whenever it detects traffic using a secret that has been previously used by a different application
  • Sensitive Data Access - Vorlon will raise a sensitive data access alert whenever a new endpoint is detected that provides data which includes sensitive information
  • Unknown Source IP - Vorlon will raise a new unknown source IP alert whenever traffic from a new unknown IP that cannot be identified against the catalog of apps is detected
  • Unknown Source Geolocation - Vorlon will raise an unknown source geolocation alert whenever it detects traffic from a previously unidentified geolocation
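
The four alert conditions listed above can be sketched as baseline checks over API access records. This is an added example, not Vorlon's code: the record format, the application catalog, the alert names and the sample events are all constructed assumptions.

```python
import hashlib
import ipaddress

# Constructed catalog: application -> egress network (documentation IP ranges).
CATALOG = {
    "ci-runner": ipaddress.ip_network("198.51.100.0/24"),
    "deploy-bot": ipaddress.ip_network("203.0.113.0/24"),
}

# Constructed records: (token, source IP, country, endpoint, sensitive response)
EVENTS = [
    ("tok-A", "198.51.100.7", "US", "/repos/app/contents", False),
    ("tok-B", "203.0.113.9", "US", "/repos/infra/contents", False),
    ("tok-A", "203.0.113.9", "US", "/repos/app/contents", False),
    ("tok-A", "192.0.2.44", "NL", "/orgs/example/members", True),
]


def identify_app(ip):
    """Map a source IP to a cataloged application, or None if unknown."""
    addr = ipaddress.ip_address(ip)
    return next((app for app, net in CATALOG.items() if addr in net), None)


def detect(events):
    """Return (event index, alert type) pairs for the four alert conditions."""
    token_owner = {}  # token fingerprint -> first application seen using it
    seen = set()      # baseline of ("ip" | "geo" | "endpoint", value) pairs
    alerts = []
    for i, (token, ip, geo, endpoint, sensitive) in enumerate(events):
        # Keep only a fingerprint so the detector never stores the raw secret.
        fp = hashlib.sha256(token.encode()).hexdigest()
        app = identify_app(ip)
        if app is None:
            if ("ip", ip) not in seen:
                alerts.append((i, "unknown_source_ip"))
        elif token_owner.setdefault(fp, app) != app:
            alerts.append((i, "secret_sharing_detected"))
        # The first event only seeds the geolocation baseline.
        if seen and ("geo", geo) not in seen:
            alerts.append((i, "unknown_source_geolocation"))
        if sensitive and ("endpoint", endpoint) not in seen:
            alerts.append((i, "sensitive_data_access"))
        seen |= {("ip", ip), ("geo", geo), ("endpoint", endpoint)}
    return alerts


if __name__ == "__main__":
    print(detect(EVENTS))
```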

Vorlon has the capability to help you secure your third-party applications and provide a level of visibility that is otherwise difficult to achieve.

Don’t rely on legal agreements with your vendor to secure your data. Take back control and provide yourself with a way to secure it.