Managed Detection & Response (MDR): How Infocyte Eliminates Cyber Risk Within The NIST Framework

This post was last updated on September 23rd, 2021 at 03:39 pm

This blog is part two in our ROI series on reducing cyber risk and how Infocyte HUNT reduces your risk within the NIST framework. This post drills down into the managed detection and response (MDR) capabilities that can lower your overall risk and how Infocyte enables them for our partners and subscription customers.

Based on our experiences in over 3,000 different missions and investigations, we offer customers 8 key capabilities that map to a more detailed explanation of the NIST cybersecurity framework. We provide these capabilities to platform subscribers and through our network of certified service delivery partners.

Infocyte HUNT Controls

Here is a close look at these capabilities and the eight key controls we provide through our Infocyte HUNT platform. Infocyte’s Command-level subscribers get the power of our hosted software platform along with premium support from trained cybersecurity specialists and incident responders at Infocyte’s Security Operations Center (SOC) or through our global network of partners.

For our partners, Infocyte represents the fastest turn-key path to delivering MDR-type services.

| Control | NIST Category | Critical Control |
|---|---|---|
| I1 | IDENTIFY - Asset Management | Do I know all of my networked assets and where they are? Actively discover networked assets in your network: any device (physical or virtual) with an IP and common ports and protocols exposed. What applications are being hosted? Do I have full coverage of logging and preventative tools? |
| I2 | IDENTIFY - Vulnerability Management | What applications are installed in my network? Which are vulnerable? Enumerate installed applications, their versions, and any known advisories (vulnerabilities) to gain unprecedented visibility. |
| D1 | DETECT - Anomalies and Events | Do I have visibility on attacks that get through my security controls? Proactively discover threats in your network that may have evaded existing security controls. Includes Forensic State Analysis (FSA), an automated forensics approach to discovery with the most advanced live memory inspection available. |
| D2 | DETECT - Continuous Monitoring | Complements network and endpoint signature or behavioral monitoring with deeper inspection of the OS and forensic artifacts. Continuous collection and assessment on selected intervals. |
| R1 | RESPOND | Am I able to reach ALL endpoints in the event of an incident? How quickly can I triage and scope an attack? Can I characterize these risks when found? Investigate and confirm suspicious indicators and alerts by inspecting suspicious systems. Includes automated enrichment of collected forensic data. |
| R2 | RESPOND - Root Cause | What was the root cause / patient zero? Quickly collects and analyzes forensic triage data to determine scope of incident and collect samples of malicious code or applications. Automated timeline construction. Instantly recover samples of malicious code or applications, whether in-memory (fileless) or on disk. |
| R3 | RESPOND - Mitigate and Contain | Once fixed, can I validate the network is clean and no other backdoors remain? Assist with isolating and remediating the impacted hosts. |
| R4 | RECOVER | Enough data and context to learn from the attack and improve. Recovery strategies updated, security policies and capabilities updated as required. |

Contact us to learn more about our MDR services or request a demo to see Infocyte HUNT in action.