Cybereason XDR: Achieving 10X Reduction in False Positives
The Cybereason MalOp detection engine to identify malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...
Dan Verton
Today’s advanced threat actors are capable of gaining access to your network and moving laterally to more sensitive systems in just minutes. Therefore, detection, insight, and speed of response are critical to preventing business disruption, data theft or ransomware.
The AI-driven Cybereason XDR Platform provides a unified view of your endpoints, allowing analysts to quickly remediate complex threats that encompass multiple machines.
Let’s take a look at how Cybereason significantly improves the ability of defenders to detect and respond to a MalOp™ (malicious operation) involving multiple endpoints.
In the following demonstration, the Cybereason XDR Platform generates a MalOp when it detected that a child process of Microsoft Excel exhibited Domain Generation Algorithms (DGA) behavior, a tactic used by attackers to establish command and control over victim endpoints.
DGAs were developed specifically to counter the ability of security software to identify and block malicious domains:
Multi-Endpoint Response with the Cybereason XDR Platform
For more sophisticated teams and complex threats, Digital Forensic Incident Response (DFIR) capabilities are often required. Cybereason offers a full suite of DFIR technologies that can improve incident response times, including the ability to:
Using IR tools you can gain insight using memory dumps, threads, registry files, event logs, and more.
This full forensic toolkit can uncover malicious actions that have long since taken place so they can be taken into account in the investigation process. Likewise, the toolkit can be deployed in seemingly uninfected environments to uncover latent threats.
An AI-driven XDR solution enables organizations to embrace an operation-centric approach to security that delivers the visibility organizations require to be confident in their security posture across all network assets, and the automated responses to halt attack progressions at the earliest stages.
This approach also provides Defenders with the ability to predict, detect and respond to cyberattacks across the entire enterprise, including endpoints, networks, identities, cloud, application workspaces and more.
Cybereason is dedicated to teaming with defenders to end attacks on the endpoint, across enterprise, to everywhere the battle is taking place. Learn more about Cybereason AI-driven XDR here or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.
Dan Verton is Director of Content Marketing at Cybereason. Dan has 30 years of experience as a former intelligence officer and journalist. He is the 2003 first-place recipient of the Jesse H. Neal National Business Journalism Award for Best News Reporting – the nation’s highest award for tech trade journalism and is the author of the groundbreaking work, Black Ice: The Invisible Threat of Cyber-Terrorism (McGraw-Hill, 2003). He most recently served as an intelligence advisor and co-author of a nationwide TSA anti-terrorism awareness training program.
All Posts by Dan VertonThe Cybereason MalOp detection engine to identify malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...
The Definitive Guide to Achieving 10X the Security Results Without 10X the Work is for security leaders who are seeking answers to how XDR can help them address the most pressing operational and business challenges facing cybersecurity teams...
The Cybereason MalOp detection engine to identify malicious behaviors with extremely high confidence levels, reducing false positives by a factor of 10...
The Definitive Guide to Achieving 10X the Security Results Without 10X the Work is for security leaders who are seeking answers to how XDR can help them address the most pressing operational and business challenges facing cybersecurity teams...
Get the latest research, expert insights, and security industry news.
Subscribe