Infocyte Launches Root Cause Analysis Tool, Activity Trace™, Featuring Automated Timelining, Triage, And Instant Patient Zero Visibility For Host-based Attacks
This post was last updated on July 19th, 2019 at 03:53 pm
To streamline cybersecurity incident response, Infocyte deploys the first of many features that provide independent security teams and service providers with critical intelligence during threat remediation.
AUSTIN, TX – February 5, 2019 – Infocyte announced today new capabilities available within their industry-leading Threat Detection and Incident Response platform, Infocyte HUNT. Activity Trace is the first of many enhancements aimed at assisting incident responders with root cause analysis, triage, and threat remediation. The new feature is available for customers and partners already using Infocyte HUNT’s cloud edition.
“We’re very excited about our new Activity Trace feature,” added Chris Gerritz, co-founder and Chief Product Officer of Infocyte. “Time is your most valuable ally when hunting for and responding to advanced cyber threats, and Activity Trace changes the game for incident responders. Knowing where to start is key, and Activity Trace helps IR teams quickly identify patient zero.”
Activity Trace is an event timelining feature that accelerates the incident response process, enabling IR teams to quickly uncover the root cause and identify patient zero—the first point of infection for host-based cyber threats. Timelines are assembled with native OS event logs and other forensic artifacts, independent from any monitoring tools.
Building on their initiative to deliver more IR features, Infocyte also introduced client-side encryption for privileged credential management, federated identity for single sign-on (SSO) and an alerts inbox notifying partners and customers of identified threats and suspicious activity.
Client-Side Encryption for Privileged Credential Management:
Customers and partners can now encrypt sensitive administrative accounts and SSH keys used for agentless collection with keys that stay on-premise. This provides an additional layer of protection, ensuring Infocyte’s cloud-based platform has zero knowledge of privileged account credentials.
Federated Identity including Advanced Authentication:
In addition to traditional authentication methods, customers and partners can authenticate into Infocyte’s platform via SSO with multi-factor authentication and third-party authentication providers. For instance, MSSPs may leverage group access across all of their customers—enabling seamless multi-tenancy—for both fully managed and co-managed (customer owned) Infocyte HUNT instances.
Alerts Inbox:
Real-time alerts and event management workflows enable security analysts to react faster to known and suspicious threats detected by Infocyte HUNT.
“We selected Infocyte HUNT as our forensics-based detection and incident response tool due to its ability to quickly set a baseline across physical and virtual networks, identify host-based attacks, and streamline our remediation efforts,” said Dan Wiley, Check Point’s Head of Incident Response. “The new Activity Trace feature gives our team an instant root cause analysis summary and event timelining, speeding our response time. We’ve already deployed Infocyte HUNT across multiple customer environments with tremendous success.”
One of the most challenging aspects of setting a baseline and discovering cyber threats in a customer environment is the reliance on existing security tooling and historical data. Infocyte HUNT enables faster discovery, forensic analysis, and identification of IT assets and threats across physical or logical hosts using an agentless or agent-based deployment model and can be implemented as a standalone solution or alongside existing cybersecurity tools.
Learn more at www.infocyte.com or visit Infocyte’s team at Check Point’s CPX 360 conference this week in Las Vegas at the Mandalay Bay Convention Center.
About Infocyte, Inc.
In 2014, after building and leading the U.S. Air Force Computer Emergency Response Team (AFCERT), our co-founders developed an easy-to-use, automated, and efficient cyber threat hunting and incident response tool, Infocyte HUNT. Their forensics-based threat hunting platform helps security teams detect hidden cyber threats, eliminate attacker dwell time, and respond to breaches — faster. No other cyber threat hunting and incident response platform delivers the efficiency, power, and precision of Infocyte HUNT. Learn more at www.infocyte.com.