What do we do at Panorays? Panorays CEO and Co-Founder Matan Or-El explains. Matan’s full interview appears on Ynet, the largest Hebrew national paper. Here are some translated excerpts.
Preventing the Next Security Breach
Panorays, an Israeli company, has developed a system that rates the security posture of companies and organizations. With a platform that both pinpoints vulnerabilities and provides recommendations on fixes, they ultimately intend to set the world’s security standards.
“With just one click we provide a hacker’s point of view of a company’s security posture,” Or-El explains. This is an Israeli success story.
In the vast cyber world, Israel is at the forefront of development and innovation. Therefore, it’s no surprise that the best new features and technologies grow from within the industry and people in it who gained the experience necessary to thrive in the local and international ecosystem. Panorays presents an excellent example for such a new technology.
Breaches from the Back Door
“Security attacks happen all the time, in companies of all kinds. The larger companies may have good security systems, but their relationships with their suppliers still put them at risk,” says Matan Or-El, CEO of Panorays. “Companies have different relationships with third parties – lawyers, delivery services, advertising agencies, etc. Hackers breach the company’s suppliers and their often-weaker security systems to hack into larger organizations that hold sensitive information.”
Hackers realize that instead of attacking the hardened security at the big organizations, they can go to the weakest link – through companies’ relationships with third-party companies. One example is the customer experience software and services company 7.ai, which suffered a breach and consequently allowed the attackers to extract the data of many customers of big companies, such as Sears, Delta Airlines and others.
Matan Or-El is the CEO and co-founder of Panorays, which was founded two years ago. The other two co-founders are Demi Ben-Ari and Meir Antar. The three of them met while serving in Ofek, the Israeli Air-Force’s elite technological unit.
“Demi and I originally served in Mamram (the IDF’s Center of Computing and Information Systems),” says Or-El. “We have a lot of experience in security and Big Data. Demi is one of Israel’s top Big Data experts. Meir worked in the field of security in the Israeli Air Force. I gained my experience at Imperva, one of world’s top information security companies.”
Or-El and Amichai Shulman, who worked with him at Imperva and is now one of the company’s leading investors and a member of the board, recognized the market demand for protection against suppliers’ potential security breaches, which led them to found the company. Panorays currently has 25 employees, “the best in the industry, who were individually handpicked by us,” says Or-El. The company is located in Tel Aviv and has received early stage funding of $5 million, led by noted venture capital fund Aleph and by Moshe Lichtman and Michael Dolinsky, who are key business leaders in the technology and security industries.
Identifying the Need and Creating a Solution
“It has been known for several years now that suppliers may impose major security risks on their partner organizations,” says Or-El. A common solution that big organizations first adopted was sending out questionnaires to their suppliers, which acted as a basic security check. However, this solution turned out to be somewhat problematic, as many suppliers had trouble understanding the questions. They had suppliers of their own and filling out the questionnaire was time-consuming. As a result, the process of vetting a new supplier would take three to six months.
“We decided to create a product that would set the bar for the level of transparency between the two companies with regards to their validity and credibility,” says Or-El. “We want to set the world’s security standard. This standard will indicate the cyber resilience of a business to external attackers.”
“It’s important to keep in mind that we do not provide protection or prevention, but detection, identification, analysis and consulting,” explains Or-El. “With the click of a button, we provide a hacker’s point of view on a company’s security posture. The platform provides a real-time report of existing vulnerabilities, as well as a real-time rating for each supplier’s security posture. In addition, we work with the suppliers on ways to increase their security ratings, so their security posture meets the partner company’s requirements, and they can work together.”
Panorays’ service is cloud-based, and the system is already up and running. “Although we are just at the beginning, we already have customers, mainly in the US but in Europe and Asia as well,” says Or-El. “We have the advantage of analyzing a security posture from a hacker’s point of view. This analysis takes up to 72 hours.”