Infocyte is honored to be reviewed in Network World as part of a lab review of the top 3 threat hunting products in the market. As threat hunting becomes the new standard in cybersecurity, Network World provides a detailed look at how Infocyte hunts for malware and APTs that have successfully compromised your network. The excerpt below contains links to the full review on Network World’s site.
Advanced Persistent Threats (APTs) are able to slip past even the most cutting-edge security defenses thanks to a diabolically clever strategy. Hackers may try to breach your defenses thousands of times until they finally get in. Once a network is breached, most APTs go into stealth mode. They move slowly, laterally compromising other systems and inching toward their goals. But what if you could hunt down these active but hidden threats before they can do real damage?
For this review, we tested threat hunting systems from Sqrrl, Endgame, and Infocyte. Each program was tested in a large demo environment seeded with realistic APTs which had bypassed perimeter defenses and were hiding somewhere within the network of virtualized clients and servers. We also snuck active threats past perimeter defenses to see how these threat hunting programs detected, caught and killed the current breed of apex predators of the threat landscape.
We found that in order to deploy these products successfully, security professionals must change the way they normally think. These threat hunting tools are not the passive observers that we’re accustomed to, simply reacting to alerts triggered in the SIEM. Instead, these are aggressive hunters who prowl their own networks looking to prey on APTs and undetected malware.