AccessData Group, a leading provider of digital forensics, cyber security and e-discovery software, today announced that it is launching a worldwide roadshow to introduce the cyber security community, including customers, analysts and the business media, to CIRT 2.0 (Cyber Intelligence & Response Technology). Covering sixteen cities on six continents beginning August 8, the appearances will give attendees the first opportunity to experience CIRT 2, the first cyber security product to integrate network forensics, computer forensics, large-scale data auditing, malware analysis and remediation capabilities in a single product.
An innovative and long overdue approach to cyber security, CIRT 2.0 enables incident responders and information assurance teams to detect not just known threats across their enterprises, but unknown threats as well. It allows users to see all network communications and host data on tens of thousands of computers through “a single pane of glass.”
CIRT 2.0 also introduces two new features: Cerberus, the first integrated malware analysis and triage technology of its kind; removable media monitoring; and integration with third-party alerting and security management platforms, so CIRT can respond automatically when alerts are triggered.
“CIRT 2.0 is a game changer for cyber security practitioners because it allows you to detect the unknown. Although it leverages existing threat intelligence through file signatures and known-unknowns, it also lets you see anomalous binaries and activity without reliance on signature-based tools or the time-consuming task of sifting through event logs,” commented Jason Mical, director of network forensics at AccessData, adding that CIRT also has built-in batch remediation capabilities.
“It doesn’t just provide a mound of data around a security incident; it enables users to actually stop the bleeding,” he said.
The CIRT 2.0 roadshow extends from August 8 to October 18, 2012 and covers many of the world’s largest security markets. Beginning in Houston, the tour includes stops in Washington DC; New York City; Seoul, Korea; Sydney, Australia; London, England; Frankfurt, Germany; Sao Paulo, Brazil; Mexico City, Mexico; Toronto, Canada; Dubai; and Johannesburg, South Africa; among others.
CIRT, which made its debut in March 2011, is a total security framework that significantly enhances the ability of organizations to protect information assets from both internal and external threats. By correlating network and host data, it allows security personnel to be unusually proactive in how they detect, analyze and remediate security breaches and data leakage.
In the age of advanced exploits and persistent threats, such as Flame and Stuxnet, reliance on signature-based tools and data leakage prevention products is not enough, noted Mical. “IDS, DLP and other tools of this kind don’t catch intrusions or leaked data unless you tell them specifically what to look for,” he stated.
Built-in Malware Analysis without the Sandbox
The inclusion of AccessData’s Cerberus malware triage technology in the CIRT 2 platform achieves an even higher level of effectiveness. Cerberus allows first and second responders to automatically examine suspect binaries and determine behavior and intent without waiting for a specialized malware team. Its two-stage protocol quickly tallies a “threat score” approximating how dangerous a binary might be, followed by much more complex disassembly analysis that gives incident responders actionable intelligence without waiting for time-consuming sandbox analysis.
“Today, when an organization discovers it has been compromised, it is often by accident and usually long after widespread damage has occurred,” noted Mical. “CIRT is designed to provide 360-degree visibility into what is happening on your network to speed detection, root cause analysis and thorough remediation.”
Tour Dates and Registration
Cyber security professionals and other security industry specialists can register to attend a CIRT 2.0 briefing by visiting accessdata.com/cirt-roadshow.
About AccessData Group
AccessData Group (accessdata.com) has pioneered digital investigations and litigation support for 25 years. Its family of stand-alone and enterprise-class solutions, including FTK, SilentRunner, Summation and the CIRT security framework, enables digital investigations of any kind, including computer forensics, incident response, e-discovery, legal review and compliance auditing. More than 130,000 users in law enforcement, government agencies, corporations and law firms worldwide rely on AccessData software solutions and its premier digital investigation and hosted review services. AccessData is also a leading provider of digital forensics and litigation support training and certification.