Cybersecurity company Cynet recently announced the release of a SaaS version of its security platform, Cynet 360. Designed to help organizations with limited security resources, Cynet brings a unified defense across endpoints, network, files and users. The suite includes endpoint protection, EDR, vulnerability management, deception, threat intelligence and network and end-user analytics.
The SaaS platform allows companies of any size to sign up for a free trial and deploy Cynet on any number of endpoints within minutes.
“In today’s threatscape, the amount of effort required to get an effective defense up and running has become unattainable by most enterprises–large or small,” said Uzi Krieger, Cynet CEO. “Many organizations have neither the time nor the resources to implement technology to help automate some of these key functions. So they are trapped, reacting without sufficient visibility and time to invest in gaining that much-needed ability to stop cyberattack.”
The problem Cynet 360 attempts to solve is real. According to Verizon, 61 percent of data breach victims were not F500 companies. For smaller firms, according to SANS, 55 percent of SMBs have one dedicated IT employee and one dedicated cybersecurity employee. Staffing numbers are about half of what they consider to be ideal.
In addition, Cynet provides, free of charge, its CyOps team, a 24/7 group of security analysts who perform incident response, malware analysis, threat hunting and forensics. Cynet claims to have developed proprietary technology that allows its customers to deploy in only hours on any number of endpoints with no installation or setup.
“Our goal is simplicity,” said Krieger. “Our approach is designed to simplify management with automated monitoring to complement any sized staff. With a 360 view across users, network, files and endpoints, Cynet brings unparalleled visibility to control, understand and mitigate threats.”
How does it work?
Cynet can be deployed in different ways: on-premises, IaaS, SaaS, and in a hybrid mode.
Cynet starts by scanning corporate assets to gauge security posture. Their analysis covers endpoints, users, files and network traffic. At the end of the process, you get a list of endpoints and a network map showing risk. Part of the scan performed by Cynet calls out unpatched Windows vulnerabilities, unauthorized and outdated applications and security policy violations.
For detection, Cynet provides an integrated suite. Their offering includes traditional endpoint security, EDR, UBA, deception and network analytics. This pre-integrated approach helps to spotlight malicious behavior, exploitation, ransomware, lateral movement, brute force, user login anomalies, DNS tunneling, privilege escalation, credential theft and more.
Providing a full suite in one place makes sense. While larger firms build a robust defense, many companies have, at best, a barebones defense. One study by the BBB showed that many smaller companies rely mostly on firewalls (76%) and AV (81%)–but little else. The third security control? Employee training at 47%.
The Cynet platform also provides response capabilities and various paths to remediation, including escalation to the Cynet SOC for further (complementary) analysis as well as submission to their sandbox for automated analysis. Cynet can also perform file verification and memory string analysis to identify in-memory attacks. Lastly, Cynet allows you to pull a file for analysis by other tools. Cynet also allows you to automatically kill, delete or quarantine malicious files, disable users, run commands, shut down processes, restart hosts, and isolate or block traffic.
The final part of the release: services. “We don’t think it’s possible for anyone to succeed in today’s threat-filled environment on technology alone,” explains Krieger. “You need expertise and our model marries technology and the human eye.”
CyOps, the Cynet cyber SWAT team, includes security analysts as well as security and malware researchers whose expertise gives Cynet customers 24/7 incident response, forensics, threat hunting and malware analysis. The team also proactively contacts customers if a high-severity threat is spotted in their environment, so customers know that they are covered 24/7 even if they are not monitoring Cynet themselves.