Cyberattacks continue to shift tactics, with hackers launching fileless malware that is undetectable by ransomware safeguards, antivirus and other traditional endpoint protection platforms.
Cyberbit’s adaptive Endpoint Detection and Response (EDR) platform, now provides advanced and semi-automated threat hunting, centralized response capabilities, and an improved SDK for detection customization.
Originally developed to meet requirements of high-risk organizations, Cyberbit’s new EDR enhancements help customers decrease threat detection and response times while minimizing false positives, drastically improving cyberattack countermeasures and cutting distractions for security teams.
Cyberbit EDR’s approach detects a broad range of attacks without relying on indicators of compromise (IOCs), including signature-less, fileless and targeted attacks as well as ransomware.
The adaptive approach automatically tailors a behavioral detection policy to the customer’s organization, which ensures the highest levels of accuracy based on each environment.
“Cyberbit provides one of the most effective solutions for detecting unknown, signature-less and targeted threats, including fileless attacks and ransomware, by using machine learning and behavioral analytics, enabling quick identification of root cause and response,” said Danielle VanZandt, research analyst at Frost & Sullivan.
“Cyberbit’s approach proved to provide its customers with substantially higher detection and response capabilities, while keeping low false positive ratios.”
“As a result, security teams can focus on high priority alerts and are not distracted and overloaded with false alarms.”
The new release includes the following key features:
Analyst in a Box
Analysts often work with fragments of the attack story; using their knowledge and experience, they seek traces of attacks buried in data.
Cyberbit’s EDR platform assists analysts by automating much of the hunting process, leveraging behavioral analytics and machine learning, which serves as an “analyst in a box,” speeding up threat identification and often saving weeks of investigative effort.
SDK and customization
Advanced customers can add proprietary detection algorithms to address their unique security requirements. They can also access the EDR’s big-data repository using APIs, and use their own functions and tools to proactively investigate and hunt threats.
Centralized response capabilities
Ideal for large, dispersed organizations, security managers can access any endpoint in the organization from a central location and rapidly investigate and respond to an incident, which eliminates the need to be physically present at the compromised endpoint.
“It takes only one fileless or signature-less attack to bring down an organization; however, these attacks are invisible to endpoint security systems.”
“Customers now understand that this is where they need to focus,” said Adi Dar, CEO of Cyberbit.
“Our EDR is gaining traction as one of the most reliable means to protect against advanced attacks, and this new release helps customers stay ahead of new threats and save time with next-generation SOC technology.”
Cyberbit was recently named by CRN magazine one of 20 coolest endpoint security vendors for 2017.
Cyberbit EDR is also the winner of the Frost and Sullivan Technology Leadership Award for Cybersecurity Detection and Response, and the winner of the Network World Asia Reader’s Choice Rising Star award for endpoint security.