Cybereason, creators of the leading Cyber Defense Platform, today announced the availability of Replay, a new product enabling security analysts to retrospectively scope and understand the timeline of low and slow cyber attacks which can go back in time months or years.
Today, advanced cyber attacks seen in Cybereason’s active nine month Operation Soft Cell investigation favor a low and slow operation style against critical infrastructure companies. Extended attacks use the cover of time to circumvent existing detection technologies. Replay delivers the ability to look back over long periods of time in an easy and automated fashion to piece together an entire attack.
Like the Cyber Defense Platform, Replay was designed for all levels of analysts, empowering junior analysts to perform the investigative tasks of senior analysts. This accelerates the specialized work of an advanced analyst while giving full flexibility for investigations.
Increasingly, security operations teams are strengthening their Incident Response programs and in particular the clean up phase - Post Incident Review. Replay delivers the capability to answer what happened before and to build the complete infection timeline.
“Cybereason’s extensive Operation Soft Cell investigation drove our team to create and offer Replay, a new capability in our Cyber Defense Platform. Adding Replay functionality gives defenders the ability to add a critical capability to stop cyber criminals and nation state attackers, particularly those targeting critical infrastructure organizations,” said Lior Div, CEO and co-founder, Cybereason.
“Today, retrospective hunting is nearly impossible as its too cost prohibitive for companies to save data for much more than a few months. By using Replay enterprises can investigate an entire cyber attack going back months or years to correlate the series of events that took place during our Operation Soft Cell investigation,” said Roi Carmel, chief product and marketing officer, Cybereason.
Benefits of using Replay:
Investigate without time limits and correlate complex multi-wave attacks.
Investigate historical time periods for bad hashes, IP connections or exercise new threat intel or detection logic to validate a clean environment.
Scoping an attack to understand the timeline of the incidents, years before it was discovered and being able to stop all infection vectors.
Collecting audit data to back and collect required data.
Cybereason, creators of the leading Cyber Defense Platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint detection and response (EDR), next-generation antivirus (NGAV), and active monitoring services, powered by its cross-machine correlation engine. The Cybereason suite of products provides unmatched visibility, increases analyst efficiency and effectiveness, and reduces security risk. Cybereason is privately held, has raised $189 million from top-tier VCs, and is headquartered in Boston, with offices in London, Tel Aviv, Sydney and Tokyo.
Learn more: https://www.cybereason.com/
Senior Director, Global Public Relations