Synack Hydra Is Designed to Help Security Researchers Find Threats
Synack announced Hydra, a new tool designed to enable its researchers to work faster to find new threats.Synack debuted a new tool called Hydra that is designed to make it easier for its researchers to find potential threats. "Hydra is a platform that helps researchers to identify potential vulnerabilities that they can then utilize for exploitation purposes," Jay Kaplan, CEO of Synack, told eWEEK. "It also gives them better cognizance of our customers from a change detection standpoint." Kaplan started Synack in 2013 after spending nearly four years working as a senior analyst for the National Security Agency. Synack researchers are rewarded for finding vulnerabilities in customer environments and applications. Hydra is now part of the platform that security researchers get access to when they work with Synack, Kaplan said. Hydra, written by Synack developers largely in the Python programming language, resides in the Amazon cloud. The back-end data store includes the MongoDB database as well as Hadoop HDFS big data storage technologies. Hydra enables companies and security researchers to see how the externally facing infrastructure of organizations looks over time, Kaplan said.
As IP addresses are added, services come online and IT infrastructure changes for a given organization, Hydra provides researchers with alerts so they can examine what's going on for potential weaknesses. As an example, Synack has a customer with an online banking application that has lots of back-end infrastructure. "We have ingested their entire IP space into Hydra and are monitoring for changes of state," Kaplan said.