Area 1 Security: Preempting phishing attacks

About Area 1 Security

The industry’s most comprehensive anti-phishing solution, Area 1 Horizon identifies threat campaigns, attacker infrastructure, and delivery mechanisms to stop targeted phishing attacks during the earliest stages of an attack cycle.

Backed by top tier investors, Area 1 Security is led by security and data analytics experts from NSA, USCYBERCOM, Cisco/IronPort, and FireEye who realized a pressing need for a proactive solution to targeted phishing attacks. Area 1 Security works with some of the most sophisticated organizations in the world, including F500 banks, insurance companies, and health care providers, to preempt targeted phishing attacks and help change outcomes.
Industries: Technology
Location: United States

Tell us your challenge. We're here to help.

Contact us

By building its security service on Google Cloud Platform and using its tools to analyze massive information streams, Area 1 Security provides the best service possible for its customers.

Google Cloud Results

  • Protects customers against phishing attacks in their earliest phases
  • Takes decisive and comprehensive action across all phishing vectors—email, web, network
  • Performs rapid large dataset queries (100TB+) to identify small patterns indicative of emergent phishing campaigns

Analyzing more than 3 billion events every day

Area 1 Security uses a big data platform to identify targeted phishing attacks early and stop them. Founded by those who led and built the big data and analytics infrastructure for the National Security Agency (NSA), the company eliminates the threat from phishing, which remains the number one way hackers breach businesses, steal data, and cause financial damage. Area 1 Security gives customers the ability to change outcomes and protect themselves.

Area 1 Security uses a cloud-based service to uniquely identify targeted attacks based on the infrastructure and delivery mechanisms attackers use. The company analyzes a vast amount of information daily using sensors across the internet, a high-speed web crawler that spiders up to six billion URLs every month, and a distributed sensor network that gathers billions of network events in a day. It sends that information to a massive data warehouse for analysis where it is processed to discover emerging and ongoing cyberattacks. The company turned to Google Cloud Platform for its scalability, performance, and sophisticated data analytics tools.

“Area 1 Security’s service depends on scale, speed, and smart, fast analytics. Google Cloud Platform superiority in data analytics tools, processing, and highly scalable storage helps us provide the best security service possible for our customers.”

Phil Syme, Chief Technology Officer, Area 1 Security

“Area 1 Security’s service depends on scale, speed, and smart, fast analytics. Google Cloud Platform superiority in data analytics tools, processing, and highly scalable storage helps us provide the best security service possible for our customers,” says Phil Syme, Chief Technology Officer at Area 1 Security.

“With Google Cloud Platform, Area 1 Security has been able to identify millions of phishing attacks and malicious campaign events,” says Blake Darché, Chief Security Officer at Area 1 Security. “From reconnaissance through exfiltration, Google Cloud Platform provides us with unparalleled capabilities to discover attacks in their earliest formative stages and protect our customers.”

Identifying cyber threats faster

Area 1 Security’s total attack data warehouse contains more than approximately 3 petabytes, including a quarter of a trillion attack metadata records. Additionally, the company’s service needs to analyze over 3 billion events every day. To do that, the company uses a variety of Google Cloud Platform tools to host and analyze massive streams of information.

“With Google Cloud Platform, we can be agile and quick, while having a minimal operational staff,” says Phil.

The company’s data is stored in Google Cloud Storage, and Google Cloud Dataflow streams data to Google BigQuery and Google Cloud Bigtable. Google BigQuery, which hosts a database of more than 330 billion rows, performs analysis and ad hoc queries that help Area 1 Security quickly identify impending attacks. The company realized that when querying large datasets, Google BigQuery is the only cloud-based solution capable of handling a data set this size within the SLA required for its enterprise customers.

“When it comes to identifying security threats, speed and time are of the essence. With Google Cloud Platform, our platform gets answers in 30 to 60 seconds when querying a massive data set, which in turn allows us to rapidly protect our customers before attackers breach their network.”

Phil Syme, Chief Technology Officer, Area 1 Security

A curated set of attack and phishing data is sent to Google Cloud Bigtable for fast searches. Area 1 Security then uses its cloud services to take action against phishing attacks before they cause damage to customers.

“When it comes to identifying security threats, speed and time are of the essence,” says Phil. “With Google Cloud Platform, our platform gets answers in 30 to 60 seconds when querying a massive data set, which in turn allows us to rapidly protect our customers before attackers breach their network.”

Built from the ground up for security

Given recent breaches and state-sponsored vulnerabilities in off-the-shelf networking equipment, Area 1 Security sought a public cloud provider that could provide the security to run its systems.

“Google Cloud Platform has its own purpose-built chips, servers, storage, network, and data centers,” says Phil. “Google’s dedication to hardened security across the entire infrastructure means that Area 1 Security can trust the software that we run in Google Cloud Platform to be secure.”

Big data helps identify big threats

Google Cloud Platform helps Area 1 Security find threats, saves the company money, and lets its engineers focus on predictive analytics to find threats instead of running data center infrastructure. Digging through massive amounts of big data to find the small patterns that signal an early attack takes an enormous amount of computing, and Google Cloud Platform provides the power to do it.

“We didn’t have the time or resources to build our own infrastructure at large scale,” adds Phil. “With Google Cloud Platform we got an instant data warehouse and a fast, comprehensive search. We’ve saved many person years of engineering effort, so we can provide a unique security service for our customers.”

Tell us your challenge. We're here to help.

Contact us

About Area 1 Security

The industry’s most comprehensive anti-phishing solution, Area 1 Horizon identifies threat campaigns, attacker infrastructure, and delivery mechanisms to stop targeted phishing attacks during the earliest stages of an attack cycle.

Backed by top tier investors, Area 1 Security is led by security and data analytics experts from NSA, USCYBERCOM, Cisco/IronPort, and FireEye who realized a pressing need for a proactive solution to targeted phishing attacks. Area 1 Security works with some of the most sophisticated organizations in the world, including F500 banks, insurance companies, and health care providers, to preempt targeted phishing attacks and help change outcomes.
Industries: Technology
Location: United States