A new cybersecurity tool launched from stealth mode today by ex-military intelligence agents offers a way to stop hacker operations in real time.  The founder’s name is Lior Div, and he is a recipient of Israel’s prestigious Medal of Honor for cybersecurity campaigns that he led within the famed 8200 unit.  The 8200 unit is an Israeli Intelligence Corps unit that focuses on signal intelligent and code decryption and is analogous to the NSA here.  The accomplishments of the Cybereason team focused on experiences hacking and defending against the biggest threats and best hackers around the world.  The Cybereason platform is not just a project as it has significant funding in place and is ready to show how it will enable enterprise to shut down hacking organizations directly and not just shutting down the infiltration attempts.

● How Hacking Operations Work video:

How hacking operations work from Cybereason on Vimeo.

At the heart of Cybereason’s innovative platform are proactive protection operations that is patterned off the team’s deep knowledge of sophisticated hacker groups and how they attempt to infiltrate an organization.  The detection and termination of malicious operations – ‘Malops’ as it’s named here – is the core of the system.  Through an active and continuous monitoring of systems across the enterprise, the system automatically detects and eradicates Malops on the spot in real time.  We’ve talked about Big Data platforms and security in the past, where anomalous events are identified through rapid scale analysis are brought to the attention of security engineers for response.  What Malops introduces is a visual aspect that delivers the severity of the threat in context.  This delivers a complete picture of these events that contains the nature of each threat and possibly the level of infiltration that has been observed.   Proprietary analytic knowledge ranks these events so that security staff can react to the events appropriately and shut down the threat sometimes before it evolves into a full effective attack.  Attacks often take this pattern of benign action, probing, identifying targets and weaknesses before the significant attack is launched.

As we break down the value that this platform delivers, it is important to consider that simple breaches are serious, but not as big a threat as today’s phased attacks.  Quite often the initial breach is just a setup to the next attempt, especially if you are directly targeted.  They are gauging your response, your capabilities and the skill of your organization.  Hackers play for keeps and are willing to wait things out until they get through to what they are looking for.  This falls within what is called the Advanced Persistent Threat (APT) – and it is full of patience, calculations and alternative methods that threaten an organization.  What that means is that when you focus on the point of initial penetration, you are missing the big picture that is the whole organization and its operations.  That’s where Cybereason leverages its awareness – across the organization to counter the calculated, multifaceted modern threats.

● Cybereason slide show: http://ow.ly/toUyr

Cybereason has seen early deployment in the United States and Israel at a number of sites with success that is creating a buzz.  The opportunity to deliver analytic security tools with automated expert threat information to security analysts around the globe can only mean big things for the organization by enabling the rapid termination of threats before they manifest in serious attacks.

● Malop market brief: http://ow.ly/toTUq