Infocyte’s Behavioral Analytics Engine Maps to MITRE ATT&CK Framework
This post was last updated on March 31st, 2021 at 10:33 am
Security is dynamic because adversaries are always evolving and increasing their sophistication. Companies must defend against known attacks while also being able to stand up defenses to detect and halt emerging threats. Infocyte has provided strong detection capabilities through our threat intelligence, threat research and our AI & ML analysis platform to address these dynamic needs. Today, we are excited to announce that we are enhancing our detection even further with the Infocyte Behavioral Analytics Engine and alignment to the MITRE ATT&CK framework.
The Infocyte Behavioral Analytics Engine provides advanced detection capabilities through Infocyte-developed detection rules which are aligned to the MITRE ATT&CK framework, while also allowing the end-user to develop and execute customized rules that fit their organization’s unique needs.
As an advanced step forward with response automation, Infocyte’s Behavioral Analytics Engine will also soon provide the capability to embed response actions within detection rules that can be tailored to the customers unique environment. This functionality allows for the quick detection of threats and exacts an immediate response should the threat be identified.
With these advancements with Infocyte’s enhanced detection capability, we are able to provide security and IT teams with low noise, high fidelity, and high confidence threat detection and response.
The Infocyte Behavioral Analytics Engine provides key detection capabilities out-of-the-box but also provides enhanced capabilities to enable in-depth threat detection. Infocyte’s new detection capability stands out from the rest:
- Covering commonly used tactics and techniques outlined by MITRE ATT&CK
- Custom detection rules development experience–build rules that fit your business
- Detection on Infocyte’s compute (rules execute in our SaaS platform, not your endpoint)
- Fully embedded regular expression capabilities for complex detection rules
- Detect with rules in real-time; as well as, over historically collected data
- Recover additional telemetry and artifacts with Infocyte Core or Custom Extensions
- Automated response capabilities based on the customer’s unique environment