OVERVIEW

Successfully managing an endpoint detection and response solution combined with an analytics platform can be a daunting task, with multiple agents and consoles to consult before security personnel can take any action. SANS analyst and instructor Dave Shackleford reviewed the Cybereason cyber security analytics platform because it offers a single agent, single console solution that has the potential to help security analysts manage endpoint security throughout the attack lifecycle.

Download the SANS review to see how the Cybereason platform addresses the following issues:

O Administrative action, including user and alert configurations, sensor profiles, and behavioral whitelisting
O Prevention through the use of static and dynamic analysis
O Malops detection through AI hunting, including visual reporting
O Investigation
O Remediation
O Threat hunting

 

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.