Advanced Threat Protection

Use Case:  Advanced Threat Detection and Protection
The Cynet 360 Advanced Threat Detection and Response platform is powerful weapon in detecting today’s advanced threats such as APT, advanced malware, zero-day attacks, and trojans that easily bypass traditional signature-based security controls.

 

Uncover Hidden Threats Lurking in Your Organization
Engineered using an adversary-centric approach to detection, Cynet precisely detects threats across the attack chain. Cynet takes the unique approach of thinking like an adversary, detecting indicators and behaviors across endpoints, users, files, and networks to give a complete picture of an attack operation, no matter where an attack may try to slip in.

 

Precise, Pinpoint Accuracy
With its powerful correlation engine, Cynet presents its attack findings with near-zero false positives and without a lot of noise, simplifying the response for security teams to react to incidents that matter.

Automatic or manual remediation can be done, providing enterprise security teams a powerful yet simple way to detect, disrupt and respond to advanced threats before they can do damage.

The Cynet Platform
Make Your Security Simple

4 STEPS TO RISK RANKING

The Cynet security platform correlates and analyzes indicators across all fronts of the organization – networks, files, users and endpoints – to establish risk-ranking and hone in on previously unidentified threats.

Establishment of a Baseline

Cynet begins by collecting and then scanning indicators, assessing organizational traffic to define a baseline. These indicators are then used to establish a risk ranking, showing the severity of behavioral anomalies.

Correlation of Indicators

The risk rankings are established following the correlation of indicators across the 4 layers of protection – files, networks, users and endpoints. The indicators are filtered through Cynet’s correlation engine, which checks for anomalies including network configuration changes; suspicious changes in endpoints between scans; system file modifications; suspicious registry changes and other flag-raising activities. Decoys can also be applied for users, files and servers.

Vetting against Security Intelligence

Potential threats are then vetted against Cynet’s security intelligence module, where they are tested against dozens of anti-virus and anti-malware engines, threat reports and zero-day intelligence files. Threats identified as absolute threats are flagged and alerts issued.

 Inspection for Behavior Analysis

Items still appearing suspicious but not yet determined threats are then put through a static and if needed dynamic (sandbox) inspection. Within the sandbox, the file is executed in the context of the original scenario from which the file was found, indicators are collected during and after execution, including binary files and dependencies, such as DLLs. With this information, malicious behavior can be detected, identifying even difficult to uncover threats.

Cynet – the Total Security Platform

Today organizations must protect and detect on multiple fronts – files, networks, endpoints and users. A comprehensive platform, in which each front is investigated as part of the whole – is essential to achieving true organizational security.

Files

Cynet analyzes files for threats that bypass the security perimeter, infiltrating corporate systems and data files. Attackers piggy-back on the vulnerabilities they discover in files, or in the software that is used to create or open a file, using these weaknesses to insert malicious code into the system.

Networks

Cynet exposes attacks on the network such as malicious IP addresses and botnets, password-based attacks, modification of network and server configurations, Denial-of-Service attacks and man-in-the-middle and compromised key attacks. Resulting service outages from these threats result in downtime, lost productivity and brand damage.

Users

Cynet tracks user activities to create a baseline of typical user scenarios including working hours, file access, server access and typical network traffic. User behavior is monitored to uncover anomalies which can hint at attacks geared toward Intellectual Property theft, sabotage of IT systems, fraud, espionage or accidental insider threats.

Endpoints

Cynet scans and monitors endpoints for indicators of compromise that circumvent prevention systems. The platform detects and remediates the spread of advanced malware, Ransomware and other signature-less threats on Windows and Linux endpoints, which are often the hidden doors for hackers looking to break into critical systems.

Contact us

US Office
17 State Street
Suitae 4000
New York, NY 10004
USA
Tel: (212) 634-9358
Email: info @ cynet.com

Israel R&D Center
11 Moshe Levi Street
UMI Building
Rishon Lezion 75070
Israel
Tel: (972) 03-962-2655
Email: info @ cynet.com

Request Product Information
 Request Product Information