Impermium's Mark Risher is a busy man. His security firm helps Pinterest, Salesforce, Tumblr, Twitter, and a host of other boldface digital properties protect themselves against spammers and criminals. And, from his company's perspective, the adoption of cloud services like Dropbox and Salesforce is a big business opportunity because hackers can break into those cloud accounts. In recent months, the Associated Press hack caused a massive stock fluctuation after traders were tricked by the Syrian Electronic Army into thinking terrorists attacked the White House. That's one reason Impermium launched a new product--Impermium Edge, an analytics dashboard which notifies companies of potential hacker attacks against their external services like Box, Facebook, and Salesforce in real time.
Edge, currently in beta, is designed to give customers information on social media hack attacks in real time. For Impermium's clients, who skew towards large corporations and media outlets with a vested interest in brand identity, this is an important selling point. Although the Edge dashboard informs customers when someone enters the wrong password into their Salesforce account, that's only the first step in its defense. Edge then factors in a variety of other contingencies--What IP address was the account accessed from? What browser was used? Does this person usually access this account at this time of day?--to determine whether the wrong log-in is a threat or not. If it is a threat, emails and SMS text messages to the company's security team are then autogenerated by the dashboard.
One selling point the company uses in press materials is Edge's ability to track “bad actors” across different online services, which gives clients the hypothetical ability to track hackers and spammers, chasing them across multiple platforms. At the moment, Edge is compatible with Facebook, Twitter, Salesforce, Box, ForgeRock, and Ping Identity. The dashboard then allows security teams to filter and track specific events.
While Impermium says that the Syrian Electronic Army comes up “quite a lot” with potential clients as a reason to add extra security to Facebook and Twitter accounts, it's not the biggest problem. Much more important, Risher claims, are smaller-profile attacks against corporations and media brands that lack the Syrian Electronic Army's high profile but that still cause costly, time-consuming headaches.
“There is such a thing as a bad neighborhood on the Internet,” Risher told Fast Company in a phone conversation. Impermium's hope is that Edge can tell the company's customers when someone attempts to access their Twitter or Tumblr feeds from a bad neighborhood before it's too late.