Security is dynamic because adversaries are always evolving and increasing their sophistication. Companies must defend against known attacks while also being able to stand up defenses to detect and halt emerging threats. Infocyte has provided strong detection capabilities through our threat intelligence, threat research and our AI & ML analysis platform to address these dynamic needs. Today, we are excited to announce that we are enhancing our detection even further with the Infocyte Rules Engine and alignment to the MITRE ATT&CK framework.
The Infocyte Rules Engine provides advanced detection capabilities through Infocyte-developed detection rules which are aligned to the MITRE ATT&CK framework, while also allowing the end-user to develop and execute customized rules that fit their organization’s unique needs.
As an advanced step forward with response automation, Infocyte’s Rules Engine will also soon provide the capability to embed response actions within detection rules that can be tailored to the customers unique environment. This functionality allows for the quick detection of threats and exacts an immediate response should the threat be identified.
With these advancements with Infocyte’s enhanced detection capability, we are able to provide security and IT teams with low noise, high fidelity, and high confidence threat detection and response.
The Infocyte Rules Engine provides key detection capabilities out-of-the-box but also provides enhanced capabilities to enable in-depth threat detection. Infocyte’s new detection capability stands out from the rest:
- Covering commonly used tactics and techniques outlined by MITRE ATT&CK
- Custom detection rules development experience–build rules that fit your business
- Detection on Infocyte’s compute (rules execute in our SaaS platform, not your endpoint)
- Fully embedded regular expression capabilities for complex detection rules
- Detect with rules in real-time; as well as, over historically collected data
- Recover additional telemetry and artifacts with Infocyte Core or Custom Extensions
- Automated response capabilities based on the customer’s unique environment
The post Infocyte’s Enhanced Detection Rules Engine Maps to MITRE ATT&CK Framework appeared first on Infocyte.
*** This is a Security Bloggers Network syndicated blog from Blog – Infocyte authored by Infocyte. Read the original post at: https://www.infocyte.com/blog/2021/03/17/infocyte-enhanced-detection-rules-engine/