VISION

For trusted, intuitive and expert cybersecurity

Given the exponential increase in attacks and their success rates, it's imperative to consider a new approach to web security.
THE FINDING

The year was marked by an increase in the success rate of attacks

  • Increase in attack surfaces

    The digitization of professions, teleworking and the explosion of connected objects bring undeniable benefits. But they also bring new opportunities and entry points that criminals can exploit.

  • Increasing aggressiveness of criminals

    In 2023, we saw a real imbalance between the aggressiveness of cyber criminals and the defense capabilities of companies, which are finding it hard to recruit cyber skills.

  • Complexity of cyber defense tools

    The diversity and complexity of attacks are forcing CISOs to implement cyber-defense solutions that are increasingly complex to operate, without being able to recruit qualified profiles.

The web has become too dangerous to let any user go to any site with any end point!

Whatever the type of attack or distribution vector, today the overwhelming majority of attacks use Internet domains (or URLs) as their mastermind.
Whether it's phishing sites to steal IDs or credit card data, sites harboring malware, or domains serving as Command and Control servers, malicious domains are everywhere, accounting for 20% of new sites created worldwide.
So it's vital to protect yourself against them.

However, most security solutions are based on recognizing the threat in order to block it. However, the number of threats and attack vectors is exploding: 400,000 malwares are created every day and 13 million malicious domains every month. These technologies are no longer able to update their threat base in time, leaving the door open to newly created malware and ephemeral domains. This explains the rising success rate of cyberattacks. Although essential, the traditional approach is now outdated.

OUR PROPOSAL

Exclusive Trust-Centric® technology

Faced with the explosion of malicious domains, Olfeo proposes to stop trusting unknown or uncategorized domains by default.

Olfeo's Trust-Centric technology authorizes user access only to trusted sites verified by Olfeo. In this way, all unreferenced ephemeral attacks are blocked. With this approach, all Olfeo customers have successfully repelled attacks.

This technology is made possible by the completeness and quality of Olfeo's URL database, containing over 100 million URLs and covering over 99% of queries in France and Europe.

OUR APPROACH

Trust-centric technology is only possible thanks to Olfeo's comprehensive URL database

  • Granular content analysis down to sub-domain level (blogs, e-commerce, etc.)

  • Dual analysis combining Artificial Intelligence and human confirmation to ensure impeccable categorization quality

  • Illicit categories updated to reflect regulatory and legislative changes

  • 22 million

    domains covering hundreds of millions of URLs

  • 99,5%

    recognition rate for web requests

  • 100

    categories and 9 themes

Ensuring safety and compliance with legislation
The human factor
Legal compliance
Sovereignty
The human factor

The human factor is an essential complement to your defense.
4 out of 5 attacks are the result of human error.
Cyber tools focus on threat detection and do not involve employees in security policy. Of course, training courses are available, but they are complex to implement on a company-wide scale.
It is therefore essential to implement IT hygiene training strategies for staff and employees.

Olfeo offers a product to raise awareness of cyber security issues, to train employees and make them proactive pillars of the cyber defense strategy.

Legal compliance

Organizations that provide Internet access to their employees are subject to a number of obligations in the same way as ECAs (Electronic Communication Operators). In particular, they must keep nominative logs for 1 sliding year, obey anti-terrorist laws...
They also have a duty to protect confidential data passing through their systems: personal data, customer and partner data, etc.
There are four major legal risks facing companies:
- Failure to comply with legal obligations as an Internet service provider;
- Providing access to illegal sites (terrorism, child pornography, drugs, etc.);
- Failure to comply with the RGPD when choosing a flow control solution;
- Failure to comply with labor law in its deployment.

Thanks to its database of URLs and fine-grained content categorization, Olfeo provides legal protection and helps IS managers ensure compliance with legal texts and labor laws.

Sovereignty

The confidentiality of our customers' data and secrets is strategic.
Until a few years ago, confidential or sensitive data was stored physically in corporate data centers. The rapid development of SaaS business applications (CRM, finance, R&D, HR, etc.) has led to the extension of information systems to external servers.
A great deal of sensitive data is transferred to external servers: customer files, contracts, research projects, industrial secrets, employee information, financial data, etc.
A SaaS security gateway occupies a special place in the chain of trust, as it intercepts and accesses all this confidential data. It's important to choose a loyal, independent publisher.
As a European company, Olfeo is not subject to US intelligence and telecommunications laws (such as the Cloud Act).