Memorizing Anything Including Hostile URLs and Malware Hashes with Polarity
Early this year, Gula Tech Adventures and Strategic Cyber Ventures invested in a memory augmentation company named Polarity. Both of our funds focus on next generation cyber security companies and as such, I often get asked, “Why Polarity?”. I answer, “It makes every security team more efficient regardless of what tools, technology or data they use.”.
Polarity is deployed in two parts — a server and desktop software. The server is loaded with access to any information you want to remember. I’ve configured mine to connect to Virus Total, ThreatConnect, MaxMind and Google’s Safe Browsing API. I’ve also loaded a spread sheet of my LinkedIn contacts and Google Maps. The second part is desktop software which uses computer vision to recognize words, IPs, addresses, hashes, .etc that fit into the data sets you want to memorize. As these entities are recognized, a configurable pop-up or persistent window shows the correlations.
To illustrate this, I drafted an email to Polarity’s CEO, Paul Battista, telling him about a malicious IP address and asking him to meet at Clyde’s in Reston Virginia to speak about it.
Polarity recognized a bunch of things in my email which was drafted through Gmail in my Chrome browser. It recognized a name (Paul Battista) and found his LinkedIn info. It found an IP address and queried Virus Total for any info on it. It also recognized the address for Clydes and popped a map up for it. If I had drafted this same email in Outlook or any other application, Polarity would have worked the same way as it based on the pixels on my screen.
When it comes to cyber security and tasks such as incident response, threat research, and coordinating investigations with a hunt team, Polarity can ensure your team has all of the information they need at their fingertips working with any tool they desire. Polarity works with any commercial tool, web interface, log file, spreadsheet, email client, power point, video or any other software that puts data on your desktop. Your team can work the way they want to work and leverage Polarity to tag and share data as they see fit.
The team at Polarity is actively developing integrations (and hiring developers) with many cyber products and have many existing ones including ThreatConnect and Carbon Black. Custom integrations are written in node,js. Example integrations can be seen on Polarity’s GitHub page.
The team has also placed a variety of demo videos and use cases on their blog. Use cases include integrations with Google Safe Browsing and working with unique executable files collected by Carbon Black.
If you are interested in learning more or requesting a demo, please visit https://polarity.io/ or meet with the team at Blackhat in Las Vegas later this summer.