Confiant: Confidently Leading the Way to Threat-Free Cyberspace

Louis David Mangin, CEO & Co-Founder
Malvertising is a type of cyber attack where malicious code or content is delivered through legitimate online advertising networks. Some attack variations force the browser to redirect the user to a malicious site or phishing attempt, others present fake content aimed to con the viewer into a fraudulent investment. It can steal identification, financial, and contact data, encrypt or delete information, change / hijack core computer functions, and even spy on a device’s location data without the owner’s knowledge or permission.

From an enterprise point of view, malvertising presents end point risk to individuals and devices that browse the internet. The Department of Defense, in late 2021, confirmed to Congress that it deployed various technologies to protect against online-advertising related malware and data collection threats. The risk of malvertising is real and growing, notably so over the past decade as the ad industry has dramatically expanded the scope and scale of its real time bidding infrastructure. This is where Confiant comes into the picture, with their first-of-its-kind technology integrated deeply into the ad tech infrastructure and offering the ad industry proactive threat detection and individual event blocking in real time. According to Louis-David, “LD”, Mangin, Co-founder, and CEO, “Digital ads was an unmapped threat vector before Confiant largely because of the complexity mitigating the incredibly high ratio of noise to signal in the ad tech infrastructure. It speaks volumes that our detection signals have consistently had 100% turnover every 24 months since Confiant’s inception.”

Surmounting the technical challenges required four years of rigorous R&D, where Confiant worked to figure out the right methods to connect into the ad tech infrastructure without amplifying the feedback loop to the bad actors, who in this vector benefit from being considered clients until their maliciousness is unmasked. Today those integrations handle several hundred billion events daily, enabling them with uniquely accurate data, such that Confiant was able to map the threat vector and published in 2021 a Malvertising Attack Matrix at matrix.confiant.com. As LD confirms, “Integrations are one of our superpowers. We have now built more than 130 integrations into the ad infrastructure, creating not just visibility, but control. Our patent pending real time blocking technology was an industry first and the landshift moment when the malvertising protection went from whack-a-mole to cat and-mouse.”
Leading malvertisers are heavily invested in ‘cloaking’, where the bad actors conditionalize the loading of their malicious code or content to a targeted recipient. That is the technique most commonly used in investment scams, which according to LD, is one of the three major malvertising attack types. The entities running those attacks are fraudulent investment companies, stealing billions of dollars from people, funds that would otherwise be invested in the financial industry. The second are branded attacks where bad actors present themselves as a major brand, seeking to interject into the relation that a brand has with its clients, leading to a loss of credibility and trust. The third, oddly enough, is Mac malware, which presents a unique risk to large enterprises with the significantly expanded footprint of Mac devices in the corporate world.

Confiant is now entering Phase 2 of its vision, mining its unique attack data (a 2021 benchmark exercise against VirusTotal showed 96% uniqueness of malicious domains according to LD), expanded its visibility to broader web vectors, while layering on threat intelligence and ad industry empowered takedown actions. The goal is to bring this valuable data to companies whose networks and clients are affected.


We have now built more than 130 integrations into the ad infrastructure, creating not just visibility, but control


Confiant’s unique capabilities and data has generated ample research and quite a few accolades in its journey. The company was the first to detect a new family of Mac malware last year (WizardUpdate), and has a mention in Google’s Security Hall of Fame because of the almost-dozen browser CVEs for being first-to-detect significant browser exploits over the past 3 years. Recent research tied to its expanded visibility includes publications on SeaFlower, a ad driven malware infected crypto wallet attack, as well as into crypto drainers executing templated fake mints targeting brands launching NFTs. Committed to protecting brands online and true to core cybersecurity principles, Confiant is honored to be an ally in the enterprise cybersecurity space. Speak with Confiant’s Enterprise Threat Intelligence Team at: enterprisesecurity@confiant.com

Company
Confiant

Headquarters
New York, NY

Management
Louis David Mangin, CEO & Co-Founder and Jerome Dangu, Co-Founder & CTO

Description
Confiant is making the digital world safer for everyone by ridding the world of bad ads

Confiant