Security News > 2021 > March > How Cybereason is reversing the adversary advantage

Once an adversary is in your network, it's not always easy to detect them, especially with complex, tailored attacks.

These include the use of fileless malware and living off the land techniques, where attackers use every day administrative tools to advance their attack against a targeted infrastructure.

You can still mitigate the attack if you can spot the attack sequence early.

Rather than focusing on alerting against individual network events that lack actionable correlations and context, the technology uses a concept called a 'Malop' - short for malicious operations - which takes the whole intrusion activity together as a single operation, surfacing individual attacker actions even when those behaviors resemble benign activity one would expect to see on a network.

Cybereason spent three years developing the technology that will tell you the story of the attack from root cause to every identity, device and platform whether on-prem or in the cloud, he explains, putting it in context and providing SOC analysts with guided remediation to stop the attack earlier by a simple click of the mouse.

We will give you one Malop that shows the same adversary in 500 of your machines, and the ability to stop the attack instantly on every one of those devices.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/03/31/cybereason_ransomware_defence/