We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Secure Your Data with Software Defined Access

Ditsa Keren Technology Researcher

Safe-T is a leading provider of software-defined access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data. In this interview, co founder and VP product Eitan Bremler explains what software defined access is all about, and why going digital means you can't trust anyone.

Please describe the company background

Safe-T was founded in March 2013 by our lead founder, Amir Mizhar. A few months later, myself and Shachar Daniel joined. Today, we have roughly 50 employees, mostly here in Israel where our R&D product marketing headquarters are located. We also have teams operating in the US, Europe and Asia. We have been publicly traded for two years on the stock market; we have been covered by Gartner, Forrester and others, and have received a variety of analyst awards.

What's unique about Safe-T’s solution?

Named Software Defined Access, our primary solution aims to govern the complete life cycle of active data access. This encompasses all forms of data, be it files or applications, enabling comprehensive control over the entire process.

We want to control how users access data. The user can be an internal or an external employee, a business partner, a customer, a contractor, etc. We control how a user accesses data by first authenticating the user and then providing access to the specific application they are permitted to access. Once access is granted, we control what the user can do with the data. For example, can the user upload, download, view, edit, or delete a file? Which web-pages in a backend can he access, and so on.

So, what is our uniqueness in this process? Firstly, we are the only vendor in the market today that can solve both access and usage in one solution. This gives us end-to-end control and end to end data protection.

Secondly, We have the ability to detect anomalies in user behavior. We can see which user accessed which data, and what they did with it, so we can detect anomalies in user behavior, which is only possible with end-to-end protection.

What can you tell us about Safe-T's Behavioral anomaly detector?

We have a module that looks at all data being logged. The anomaly detection module goes over all logged actions and scans the traffic to detect anomalies in the user behavior. Think about a user accessing storage outside of the usual business hours. This could be a sanctioned action if a user was instructed to go in after hours to back up a file, or it could be an unsanctioned action, if the user came in after hours with a personal agenda to copy files from storage. There are many different anomalies in user behavior that can be detected, because we can see all of the actions made in real time.

Our solution integrates with the organization’s existing infrastructure, their data stores and authentication measures. We don't store user data, we only store event logs, so there’s no privacy issue here.

What is a ZERO TRUST Digital business, and what differentiates it from a traditional business?

Until zero trust emerged as a concept, everything was based on trust. When you hired someone for work, you assumed that you can trust them, but often that wasn't the case. You can authenticate a user to make sure they are who they say they are, but that alone does not mean you can trust them.

The world is now moving to zero trust. You assume that everybody is untrusted, and that changes the way we look at users and how we provide access. First authenticate, then trust, and not the other way around like it was in the past.

Another term which is relevant is Software Defined Perimeters, which goes hand in hand with zero trust. We use it as a marketing perspective because we see that more and more organizations are adopting the zero trust approach. Organizations like banks, insurance companies, healthcare and government organizations, who all understand that along with the benefits of going digital, they are becoming more open and vulnerable to the outside world.

Fifty years ago, most organizations were like an island, because everything was done on paper. Employees were the only ones allowed to use data, without external parties like customers, business partners etc.

Now, as the world is becoming more digitized, more and more external parties are accessing our data. Our perimeter and attack surface have grown immensely, which is why we need to move to zero trust. We need to reduce the size of the perimeter and reduce the attack surface.

A recent article on the Safe-T blog warns that PGP encryption is no longer secure. How so?

PGP, or Pretty Good Privacy, is a pre-legacy mechanism for secure communications. As the sender, you encrypt the body of the email on your machine, send it to the recipient, and in turn, the recipient will need decrypt it. This is still relevant within an internal ecosystem. If we have the client for both encryption and decryption, that works effectively because you can re-encrypt and send the email back to the sender. The problem is when you work with an external party. For example, an insurance company wants to send a secure email to a client. They can’t demand the customer to install a client because they are not part of the internal ecosystem, so in this case, PGP doesn't work. Our solution does not require the client to install any software, so essentially, it’s a next generation PGP alternative.

How do you see the future of secure access control?

There’s a bit of conversion that’s going to happen with authentication vendors and identity management vendors. Safe-T invests a lot in technology partnerships, with vendors such as Check Point, Palo Alto, SecureAuth, DUO Security, Okta, NortonLIfeLock, and more. We also see organizations moving from traditional VPN access control to application-based access control, not necessarily for employees but mainly for external parties accessing internal data. The concept of access will change, and eventually with zero trust and software-defined perimeters will become the predominant approach.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Ditsa Keren is a cybersecurity expert with a keen interest in technology and digital privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address

Thanks for submitting a comment, %%name%%!

We check all comments within 48 hours to ensure they're real and not offensive. Feel free to share this article in the meantime.