Cybereason comes pre-configured with a library of models that look for malicious activities and identifies tools, tactics and procedures attackers use when executing hacking campaigns. This frees you from spending weeks configuring and tuning rules.
These models look for the tell-tale signs of known and unknown malware, malicious tools, and zero-day exploits that attackers use to get an initial foothold in your environment.
Command and control models
Spot network traffic from your environment to command and control servers controlled by your adversaries. Cybereason command and control detection models identify behaviors such as domain generation algorithms (DGA).
Lateral movement models
These models identify attackers trying to expand their foothold in your environment by using legitimate tools, a method that traditional security programs cannot detect.
Privilege escalation models
These models examine user and process behavior to identify the attacker's attempt to gain a higher level of access to resources in your environment.
Data exfiltration models
These models identify the attacker's attempt to exfiltrate data or cause other types of damage in your environment.
These models identify malware that encrypts files in attempt to extort money from users.