TL; DR: Heimdal Security delivers unified, proactive cybersecurity and access governance solutions designed for the enterprise. Named after Heimdall, a mythological Norse deity fabled to foresee future events, the company strives to protect servers from attacks long before they happen. Now, with research into bias in artificial intelligence and machine learning, Heimdal Security is working to diversify its technology for even better protection against threats that antivirus software simply can’t block.
The capture the flag game of our youth — a territorial, outdoor event in which the objective is to steal another team’s flag — became undeniably cooler once the ethical hackers at DEF CON’s annual convention got their hands on it.
Since DEF CON 4, held in 1996, attendees have flocked to Las Vegas for their take on the game, which often involves finding bugs in intentionally vulnerable websites and programs. Several variations of the information security competition exist, and while they’re all a blast, they also give participants insight into securing a machine and reacting to attacks.
Miriam Cihodariu, Head of Communications and PR for Heimdal Security, said that North American players had held the lead in the U.S.-based competition for years. It wasn’t until 2011, she said, that a team from Denmark earned the top prize.
The idea was developed further by Denmark’s national intelligence, and Heimdal Security was born in 2014 under the umbrella of that agency. The success was so staggering the company split off on its own, and it’s been growing independently ever since.
Today, Heimdal security continues to advance the fight against cybercrime, providing the intelligence and new technologies needed to protect the servers of more than 6,000 companies and 900,000 users worldwide.
Proactively Detect and Block the Latest Generation of Malware
Miriam told us that the company’s name is a nod to Heimdall (Heimdallr in Old Norse), a mythological watchman. Heimdall was said to use precognition to keep intruders away from a rainbow bridge connecting the Earth with Asgard, a realm of the gods.
“Our brand reflects our Nordic heritage,” she said. “There’s the Viking logo, of course, and the Heimdall character, who you may know was portrayed by Idris Elba in the Marvel Cinematic Universe as an all-seeing and hearing protector. The brand is named after the same mythological figure as his character.”
Heimdall is the perfect inspiration for Heimdal Security, which leverages seemingly superhuman insight to protect servers from attacks long before they occur. Miriam said that cyber attackers are often successful because they use outdated software, such as browsers, plug-ins, and add-ons, to breach a network. Heimdal Security blocks these attackers by silently patching and updating apps.
“The rationale behind our growth has always been to identify what is currently missing from the cybersecurity market and implement solutions geared toward enterprises,” Miriam said. “We aim to provide a set-it-and-forget-it approach so businesses can focus on their core missions.”
The goal is to help customers avoid hassles like the patching paradox, a phenomenon that occurs when organizations focus more on hiring staff than formulating better security processes.
“There are lots of studies indicating that the more people you hire, the more chance that patches will be applied way too late, which leaves loopholes for zero-day exploits and so on,” she said. “No one really understands why this happens, but it’s stressful, and our clients don’t have to worry about that type of problem.”
An Extra Layer of Protection for Attacks Antivirus Can’t Block
Most of Heimdal Security’s customers — especially the enterprise portion — already have some type of security solution in place before they seek out the company’s expertise. That’s why the company’s DNS traffic filtering, automated patch management, admin rights management, and threat remediation services were designed for compatibility with outside solutions.
“It’s hard to find a client who doesn’t have some form of security already laid down,” Miriam said. “Fortunately, our technology plays nicely with other antivirus solutions — it doesn’t matter if you’re using a competitor’s product.”
In most cases, however, customers find they’re so happy with enhanced security measures that they want to check out more of what the company has to offer.
“They tend to start seeing the advantages in upgrading and switching to us for more and more parts of their security environment, which is very easy to do, since it’s all integrated so nicely into a single dashboard,” Miriam said.
Enterprises benefit greatly from the unified nature of the security suite. Each module collaborates with other modules in the system, feeding intelligence into one another. And it’s easy to tailor solutions to the needs of a particular server environment.
“Enterprises with thousands of endpoints see the real differentiator between us and our competitors because everything is so integrated,” Miriam said. “It makes the lives of sysadmins easier, which is something we strive for.”
Although most of the businesses Heimdal Security serves are on the larger side, the company has recently offered an extended 90-day trial for anyone affected by the pandemic.
Award-Winning Privileged Access Management Solutions
The first risk in any organization comes from users. According to the Ponemon Institute, the mean cost of an insider-related breach is $8.7 million, a figure that continues to rise over time.
To help mitigate such threats, Heimdal Security’s privileged access management (PAM) solution — dubbed Thor AdminPrivilege™ after the Norse god of the sky, thunder, and agriculture — helps users manage permissions and strengthen endpoint security through access governance.
The powerful platform was designed to combat insider threats while saving sysadmins time on manual escalations and installs. With Thor AdminPrivilege, requests can be approved or denied with just one click or swipe on a mobile device.
“As I said, we’re always trying to develop something that is lacking,” Miriam said. “In the PAM sector, we have the only solution that automatically deescalates upon infection. When the product as a whole detects that something is amiss, the users’ session will automatically end.”
Other solutions, she explained, rely on sysadmins to actively monitor endpoints. The more endpoints there are, the more likely it is that a sysadmin will detect the problem when it’s too late.
Research and Development on Bias in AI & ML
Heimdal Security is fueled by a talented research and development team focused on looking beyond the buzzword when it comes to artificial intelligence.
“Artificial intelligence and machine learning programs are only as smart as the data you feed them,” Miriam said. “I find it fascinating that algorithms used for technology like facial recognition software are being trained incorrectly, introducing bias from a diversity standpoint.”
The point is, whether it’s used for facial recognition or to secure servers in a smart way, not all artificial intelligence is created equal. With that in mind, Heimdal Security works to train its algorithms using the most diverse data possible.
“What’s exciting for me in terms of our road map is the fact that we are getting all of these feeds of intelligence from multiple databases in the world,” Miriam said. “Because of that, I think we will always outrank our competitors.”