Incident engine protects with integrated XDR, MDR and response automation
Cynet 360 Version 4.0 presents a unified detection and response solution for cyber threat protection, says Cynet. The autonomous breach prevention platform now features XDR, 24/7 managed detection and response (MDR) and full response automation. It improves cyber threat detection accuracy while reducing the complexity and overhead required for comprehensive defence and mitigation of sophisticated and subversive cyber attacks, says the company.
Cyber security professionals deploy multiple prevention and detection technologies to defend endpoints, networks, users and data. These tools detect and prevent the majority of cyber attacks but can miss edge cases. What is needed are tools that identify attacks that slip through the cracks between these point solutions, which requires visibility across the environment and an understanding of the context of security data and alerts. According to Gartner, “Extended detection and response (XDR) solutions are emerging that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability”.
Cynet 360 V4.0 has advanced capabilities including full threat visibility. It provides complete visibility across the entire environment. The detection power achieved by natively combining signals and data from multiple sources simply cannot be matched by siloed, point protection solutions, says Cynet. Even the most subversive attacks are fully exposed with pinpoint accuracy, the company continues.
It also has complete cyber threat prevention and detection. It provides multiple, integrated prevention technologies to block standard and advanced attacks across the environment. Deception technology entices cyber criminals that have penetrated the network into exposing themselves before they do real damage.
Centralising the signals from multiple detection sources allows Cynet 360 V4.0 to group related alerts and data into incidents. Each incident includes all alerts and indicators of compromise (IOCs) related to an attack, and the platform fully automates root cause analysis, threat impact determination and remediation actions.
It also provides fully automated response tools for cross-environment investigation and remediation. Investigations are fully automated – first determining the root cause and then analysing the full breadth and impact of the threat.
The incident engine is an automated response capability that produces a visual map of an entire incident investigation and response. In as little as five minutes, the advanced tool automatically performs a full incident response workflow, including root cause analysis, full threat impact determination and all necessary remediation actions. This reduces the mean total time to contain and eliminate real threats.
Finally, CyOps, the 24×7 detection and response services team of cyber security experts, continuously monitors all Cynet customer environments to ensure any attacks are uncovered, provides ad-hoc threat investigations and forensic analysis, and guides users through any necessary remediation steps.