Cybereason, developers of the world’s first and only end-to-end Threat Hunting Solution, today announced several new features to empower security analysts at Global 2000 organizations to detect and respond better to known and unknown cyber threats. This powerful new set of security and management tools includes the Attack Tree, Custom Detection Rules, Mitre ATT&CK Matrix and Remote Shell Utility.
“As we talk to companies grappling with today’s security challenges, it is clear that the ability to quickly and fully understand the scope of an attack is something many organizations lack,” said Roi Carmel, Chief Product and Strategy Officer, Cybereason. “With these new enhancements to our platform, Cybereason is building on its unique approach to threat hunting and enabling teams to find and respond to risks more quickly in their enterprises.”
The New Features in Cybereason’s Threat Hunting Solution
Attack Tree
To help defenders quickly understand the full attack story, Cybereason has launched the new Attack Tree feature, a hunting tool that displays a specific process chain of execution from start to finish. When responding to alerts, security analysts will use the Attack Tree to obtain deeper, more targeted insight into malicious behavior, helping them narrow down large data sets and focus on processes with security relevance.
Custom Detection Rules
Cybereason further automates the threat hunting process by eliminating the need for security analysts to manually run queries for specific malicious activity. Now analysts can use Cybereason’s UI to create custom detection rules and define new logic for triggering Malops, collections of related suspicious activities that are highly likely part of a security incident. Using custom detection rules, lessons learned from successful threat hunts or recently observed malicious activity can be automated to identify new attacks more quickly.
Mitre ATT&CK Matrix
With more than 200 types of behaviors and techniques cataloged, the MITRE ATT&CK Framework has quickly become a common framework for teams to evaluate defenses against attack techniques of many threat actors. Organizations adopting the framework are particularly reaping the benefits of using a common language that is shared across multiple defenders. With the adoption of the framework quickly rising, Cybereason has implemented it into the platform, making it easy for security teams to search for threats in their environment using ATT&CK classifiers and terminology.
Remote Shell Utility
To streamline and speed up incident response, Cybereason has built on its advanced remediation capabilities by enabling administrators to perform remediation directly on specific Windows machines using the Remote Shell Utility (RSU). RSU enables analysts to open a remote PowerShell session on a selected machine in a secure manner, allowing them to investigate and remediate efficiently within one platform rather than with several disparate tools.
“Recent breaches making headlines are stark reminders that a post-breach mindset is necessary to reduce risk. Minimizing severe and potentially long-term consequences is achievable by layering both passive and active threat detection techniques. Cybereason strives to empower security teams to identify, and more importantly to understand, active attacks to more effectively mitigate risk,” said Carlo Cadet, Vice President of Product Marketing, Cybereason.
Cybereason, creators of the leading end-to-end threat hunting platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint detection and response (EDR), next-generation antivirus (NGAV), and active monitoring services, all powered by its proprietary data analytics platform. The Cybereason suite of products provides unmatched visibility, increases analyst efficiency and effectiveness, and reduces security risk. Cybereason is privately held, having raised $189 million from top-tier VCs, and is headquartered in Boston, with offices in London, Tel Aviv and Tokyo.
Learn more: https://www.cybereason.com/