NewswireToday - /newswire/ -
Boston, MA, United States, 2020/04/23 - Cybereason today announced that its award-winning Cybereason Defense Platform completed Round II of the MITRE ATT&CK product evaluations - Attack.MITRE.org / Cybereason.com.
This latest round of tests demonstrated Cybereason’s ability to successfully defend against the techniques and tactics frequently used by Russian-affiliated cybercrime group APT29. In these evaluations, Cybereason once again showcased how its market-leading visibility and actionable threat detection enables security analysts to stop attacks before material damage occurs.
MITRE (attack.mitre.org) developed and maintains the ATT&CK framework based on open source reporting of adversary tactics and techniques. ATT&CK is freely available, and is widely used by defenders in industry and government to find gaps in visibility, defensive tools, and processes as they evaluate and select options to improve their network defense.
Cybereason’s results in the MITRE ATT&CK Round II evaluations indicate:
1. Superior Correlation: Cybereason delivered extremely high correlation efficacy out of the box. The ability to correlate data, unaided and in real-time, provides an immense advantage to defenders. Using correlated data to create a full attack story within moments of initial detection can mean the difference between stopping an attacker, and damage being done to an organization. This gives security analysts an intuitive understanding of the path an attacker takes, significantly shortening the time to respond and remediate.
2. Complete Visibility: The Cybereason Defense Platform provides superior visibility with detailed context for every incident. Analysts can view the entire process tree with a complete timeline of events for all malicious activity across every machine and every process. Cybereason enables security teams to thoroughly see and stop attacks, even against advanced threat actors.
3. Real-time Detection: Cybereason delivered immediate, contextualized, associated alerts automatically and consistently across all tactics, without analyst overload. Cybereason’s Cross Machine Correlation Engine powers ‘best in industry’ correlation of malicious activity in an environment by intelligently connecting detections, enrichment, and telemetry across all tactics without requiring additional time and risk of inconsistency due to manual construction of the story. This empowers analysts to resolve incidents faster and more completely.
4. Full Incident Context: The Cybereason malicious operation (MalopTM) gives security teams the full context of an incident across all affected machines and automatically pinpoints techniques at each stage of the kill chain. Upon receiving a Malop, analysts can quickly remediate in a single click, reducing mean time to remediate.
“The ability to publicly test the Cybereason Defense Platform against real-life attack scenarios is a rare opportunity, and we pride ourselves on having built our platform from the ground up with real-life attack scenarios in mind. Cybereason built an endpoint platform that helps our customers future proof security operations by addressing today’s sophisticated threats while simultaneously preventing emerging problems of tomorrow from happening. We look forward to working with the MITRE ATT&CK team again for the third round of evaluations later this fall,” said Lior Div, Chief Executive Officer and Co-founder, Cybereason.
Cybereason (cybereason.com), creators of the leading Cyber Defense Platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint prevention, detection and response and active monitoring. The solution delivers multi-layered endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks. Cybereason is a privately held, international company, headquartered in Boston, MA with customers in more than 30 countries.