In the past, the autonomous breach protection company Cynet announced that it is making the Cynet 360 threat detection and response platform available at no charge for IR (incident response) service providers and consultants.
Today Cynet takes another step and announces a $500 grant for Incident Responders for each IR engagement in which Cynet 360 was used, with an additional $1,000 grant if the customer purchases an annual Cynet 360 subscription after the IR process is concluded. Learn about this new offering here.
Incident response investigations come in a thousand different variations, but most can be broken down into two main parts. The first is discovering the few suspicious machines, user accounts, and network connections out of the mass activities within the attacked environment.
The second part follows these discoveries and involves a surgical-like collection and analysis of forensic artifacts to refute or validate the suspicion and, if validated, to disclose the full attack root cause and impact.
While IR pros have a wide array of commonly used open-source tools to perform a deep dive forensic investigation on a single or few suspicious machines, there is a crying shortage of available tools for the first part.
That’s mainly because to find the proverbial compromised needle in a haystack of a mostly non-compromised environment, one must have complete visibility into the entire process execution, network traffic, and user activity.
This is where Cynet 360 comes in. With an enterprise-grade distribution infrastructure providing seamless deployment across thousands of endpoints in minutes, Cynet 360 empowers responders to effortlessly gain the required visibility into the initial part of the investigation, easily pinpointing the entities that should be further investigated.
Cynet 360 provides incident responders with the following capabilities that cover both the investigation and the remediation parts of the response process.
Full Environment Visibility
- Gain instant visibility into any host, files, processes, logs, network traffic, and user activities.
- Get a verdict, attack scope, and all indicators immediately.
- Use Cynet’s central management to distribute other open source IR tools across the environment.
Precise Threat Knowledge
- Get real-time, accurate threat knowledge auto-generated by the Cynet 360 correlation engine.
- For deep-dive investigations, leverage granular forensic tools to conduct an end-to-end investigation to determine the attack’s scope and impact.
- Trust your own skills – Proactively hunt
Complete Recovery Actions
- Isolate infected hosts, disable compromised user accounts, remove malicious files, and block risky network connections.
- Craft your own remediation policies for automated threat blocking and removal.
Learn more about this new offering for incident responders here.
via: thehackernews