To Streamline Cybersecurity Incident Response
Infocyte Launches Root Cause Analysis Tool, Activity Trace™, Featuring Automated Timelining, Triage, And Instant Patient Zero Visibility For Host-based Attacks
To streamline cybersecurity incident response, Infocyte deploys the first of many features that provide independent security teams and service providers with critical intelligence during threat remediation.
AUSTIN, TX – February 5, 2019 — Infocyte announced today new capabilities available within their industry-leading Threat Detection and Incident Response platform, Infocyte HUNT. Activity Trace is the first of many enhancements aimed at assisting incident responders with root cause analysis, triage, and threat remediation. The new feature is available for customers and partners already using Infocyte HUNT’s cloud edition.
“We’re very excited about our new Activity Trace feature,” added Chris Gerritz, co-founder and Chief Product Officer of Infocyte. “Time is your most valuable ally when hunting for and responding to advanced cyber threats and Activity Trace changes the game for incident responders. Knowing where to start is key and Activity Trace helps IR teams quickly identify patient zero.”
Activity Trace is an event timelining feature that accelerates the incident response process, enabling IR teams to quickly uncover the root cause and identify patient zero—the first point of infection for host-based cyber threats. Timelines are assembled with native OS event logs and other forensic artifacts, independent from any monitoring tools.
Building on their initiative to deliver more IR features, Infocyte also introduced client-side encryption for privileged credential management, federated identity for single sign-on (SSO) and an alerts inbox notifying partners and customers of identified threats and suspicious activity.
Client-Side Encryption for Privileged Credential Management:
Customers and partners can now encrypt sensitive administrative accounts and SSH keys used for agentless collection with keys that stay on-premises. This provides an additional layer of protection, ensuring Infocyte’s cloud-based platform has zero knowledge of privileged account credentials.
Federated Identity including Advanced Authentication:
In addition to traditional authentication methods, customers and partners can authenticate into Infocyte’s platform via SSO with multi-factor authentication and third-party authentication providers. For instance, MSSPs may leverage group access across all of their customers—enabling seamless multi-tenancy—for both fully managed and co-managed (customer owned) Infocyte HUNT instances.
Alerts Inbox and Event Management Workflows:
Real-time alerts and event management workflows enable security analysts to react faster to known and suspicious threats detected by Infocyte HUNT.
“We selected Infocyte HUNT as our forensics-based detection and incident response tool due to its ability to quickly set a baseline across physical and virtual networks, identify host-based attacks, and streamline our remediation efforts,” said Dan Wiley, Check Point’s Head of Incident Response. “The new Activity Trace feature gives our team an instant root cause analysis summary and event timelining, speeding our response time. We’ve already deployed Infocyte HUNT across multiple customer environments with tremendous success.”
One of the most challenging aspects of setting a baseline and discovering cyber threats in a customer environment is the reliance on existing security tooling and historical data. Infocyte HUNT enables faster discovery, forensic analysis, and identification of IT assets and threats across physical or logical hosts using an agentless or agent-based deployment model and can be implemented as a standalone solution or alongside existing cybersecurity tools.
Learn more at www.infocyte.com or visit Infocyte’s team at Check Point’s CPX 360 conference this week in Las Vegas at the Mandalay Bay Convention Center.
About Infocyte, Inc.
In 2014, after building and leading the U.S. Air Force Computer Emergency Response Team (AFCERT), our co-founders developed an easy-to-use, automated, and efficient cyber threat hunting and incident response tool, Infocyte HUNT. Their forensics-based threat hunting platform helps security teams detect hidden cyber threats, eliminate attacker dwell time, and respond to breaches — faster. No other cyber threat hunting and incident response platform delivers the efficiency, power, and precision of Infocyte HUNT. Learn more at www.infocyte.com.