Skip to main content

Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine.


Cynet

We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent.

I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to adequately protect their organizations from the growing and increasingly sophisticated cyber threats.

Both of these are real problems, and both can lead to devastating consequences. It's also fair to say that most cybersecurity teams today are overworked and understaffed.

One of the primary reasons we need such high-level cybersecurity skills lies in the shortcomings of cybersecurity technologies. Due to the changing and increasingly sophisticated stream of attack techniques, the breadth and depth of cybersecurity defensive technologies used to combat these threats and protect organizations against breaches have exploded. Today, there seems to be a specialized tool to cover every part of the attack surface and response process.

Unfortunately, all but the largest organizations with the deepest pockets can afford to acquire and then adequately integrate and maintain the expansive set of technologies required to protect modern-day organizations from breaches. Most smaller companies suffer from a lack of technologies to protect their organizations.

We are in dire need of approaches that simplify and consolidate the cybersecurity toolset so that companies can afford the coverage required and to make effective breach protection accessible to those other than world-class experts.

Enter Cynet.


One company that seems to get the need for simplification, without sacrificing the effectiveness, is Cynet.
Cynet was formed specifically to consolidate multiple threat prevention and detection controls into a single offering for two primary reasons. First, keeping all the controls on a single platform allows for far better results than integrating and managing technologies from multiple providers.

Second, it dramatically simplifies the technology stack (not to mention affordability improvements). Then, Cynet goes beyond these benefits by automating many of the common workflows required to respond to cyber threats that would otherwise require high-level skills, time, and effort.

Product Review: Cynet 360, 2020 Fall Platform Update


The Cynet 360 platform is built on three pillars; Extended Detection and Response (XDR), Response Automation, and Managed Detection and Response (MDR). These three components together provide what Cynet calls Autonomous Breach Protection - essentially breach protection on auto-pilot. Let's look at each of these components.


XDR


While XDR is considered a new technology – it's something Cynet has been doing since its inception. XDR technology essentially combines signals from multiple control points as part of a single platform to provide better results than when deploying multiple siloed controls and then trying to figure out the stream of alerts and data from each. Many analyst firms are touting XDR as "the next big thing in cybersecurity."

The Cynet XDR combines prevention, detection, and data from:

  • Endpoint Protection – Next-Generation Antivirus (NGAV) for basic endpoint malware prevention and detection and Endpoint Detection and Response (EDR) for more advanced endpoint protection, detection, and response,
  • Network Traffic Analysis (NTA) for identifying malicious activity on your network,
  • Entity and User Behavior Monitoring (EUBA) to detect anomalous user behaviors,
  • Deception technology to trick successful intruders into exposing their presence before damage can be done.

Response Automation.


Cynet automates many tasks associated with threat detection response and cross-environment remediation, including infected hosts, compromised user accounts, malicious processes, and attacker-controlled network traffic.

The New Cynet Incident Engine.


Cynet's new Incident Engine can immediately improve cybersecurity operations for any company and help full the cybersecurity skills gap.

Many solutions can detect threats and then automatically prevent them from executing and causing damage. This is wonderful and helpful, but only represents the first step in addressing a threat. We must assume that the threat discovered is likely only the tip of the iceberg and is likely only a piece of a larger, coordinated attack. This is where the cybersecurity skill gap becomes dangerous.

The Cynet Incident Engine triggers an automated investigation following certain high-risk alerts, fully disclosing its root cause and scope, and applying all the required remediation activities. This is offered on a single platform, out of the box, ready to bring your cybersecurity to the next level on day one. This, my friends, is the most amazing and useful cybersecurity breakthrough I've seen in some time.

How it Works.


On certain high-risk alerts, customers can click the Incident View button:
Cynet

This leads to a page that displays the full set of investigation steps and remediation actions that the Incident Engine performed as soon as the threat was detected.

As shown in the screenshot below, a simple workflow diagram shows the series of investigation queries and results (blue) that lead to findings (red) that are addressed with remediation (green). The Timeline on the right shows a more detailed description of every step, while the Incident Artifacts display the attack flow. The full incident is summarized in the upper text boxes.

Cynet


In the following example, we see an Unauthorized Memory Access Attempt alert that was triggered by an attempt to dump credentials – a common attack scenario. The initial alert indicates that Cynet neutralized the attempt and that the credentials were not accessed. The Incident Engine then does its thing - it isolates the compromised host against from which the attack was launched and revealed a lateral movement. It turns out that the attack was actually launched remotely from another host in the environment, which is the true root cause. This finding is concluded by isolating the root cause host as well.

Cynet


This off-the-shelf automated root cause analysis, impact investigation, and remediation actions took Cynet's platform just under seven minutes to fully perform, all in the background, saving literally hours of analyst effort. Or, it performed a series of tasks to find and remediate threats that some organizations would not have known were necessary or how to do them.

MDR - CyOps


Cynet calls their MDR team of cybersecurity experts CyOps. I find it amazing that Cynet includes 24x7 monitoring for all clients to ensure any real attacks are not overlooked. They also provide ad-hoc threat investigations and forensic analysis and guide their clients through any necessary remediation steps. CyOps is automatically included in the Cynet platform – at no additional cost.

This type of service is typically quite expensive and oftentimes only available from third-party providers. With CyOps intimate understanding of the Cynet platform, they can provide far superior service than MDR teams that some vendors contract with to support their platform.

Summary


The fully automated Incident Engine, coupled with Cynet's full Extended Detection and Response (XDR) platform and included Managed Detection and Response (MDR) service, provides quite a cyber protection package for any organization.

Many companies continue to rely solely on EDR or a combination of EDR and NGAV to protect the organization from cyberattacks and breaches. Alternatively, Cynet's solution provides a complete prevention and detection capability along with fully automated response actions and a full 24x7 MDR service to boot. If I were suffering from a lack of cybersecurity resources, as most companies are, my first call to improve my situation would be to Cynet.





THN



#osutayusuf

Comments

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed

How to Host a Website for Free From Your PC or Laptop.

Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.