New infosec products of the week: October 16, 2020

Cyborg Security launches HUNTR platform to help orgs tackle cyber threats

Cyborg Security’s HUNTR platform provides advanced and contextualized threat hunting and detection packages containing behaviorally based threat hunting content, threat emulation, and detailed runbooks, supplying organizations with what they need to evolve their security analysts into skilled hunters.

infosec products October 2020

Cloudflare One: A cloud-based network-as-a-service solution for the remote workforce

As more businesses rely on the internet to operate, Cloudflare One protects and accelerates the performance of devices, applications, and entire networks to keep workforces secure. Now businesses can protect their workforce in a flexible and scalable way, without compromising security as distributed teams work from multiple devices and personal networks.

Booz Allen Hamilton unveils SnapAttack, bringing together red and blue security teams

By unifying the security lifecycle into a single solution, SnapAttack enables red and blue teams to work together, emulating attacks from intelligence data, sharing insights of malicious behavior, and developing vendor-agnostic behavioral detection analytics to stop advanced adversaries.

BAE Systems unveils cyber-threat detection and mitigation solution for U.S. military platforms

The Fox Shield suite is designed to help platforms detect, respond to, and recover from cyber attacks in real time. The system’s cyber resilience capabilities can be integrated into ground, air, and space vehicles to protect our warfighters and platforms from cyber attacks designed to access and degrade mission capabilities.

Shujinko AuditX: Simplifying, automating and modernizing audit preparation and compliance

AuditX automates evidence collection, maps evidence across multiple controls and across different standards, streamlines audit workflow and clarifies communication across teams and with auditors. AuditX organizes evidence in a centralized library for final readiness review and provides a 360-degree dashboard to make the entire process highly visible and predictable.

Masergy extends the value of Masergy SD-WAN Secure to home and mobile users

Masergy’s Work From Anywhere solutions include SD-WAN Secure Home for executives and power users requiring unwavering reliability from their home office connections and SD-WAN On the Go for mobile users needing secure access to corporate and cloud applications.

C2A Security launches AutoSec, an automotive cybersecurity lifecycle management platform

C2A Security announced the launch of its flagship cybersecurity product, AutoSec, a cybersecurity lifecycle management platform. AutoSec meets the rapidly-evolving challenges of vehicle cybersecurity with an open platform that empowers industry stakeholders to identify and mitigate cyber attacks.

Cyborg Security launches HUNTR platform to help orgs tackle cyber threats

Cyborg Security announced a new threat hunting content platform that will help businesses grapple with the exponential rise in cyber threats that strike their IT assets and maximize the value of their existing security controls.

Cyborg Security’s HUNTR platform has been developed by a world class team of threat hunting experts to deliver advanced threat hunting and detection content, empowering organizations to move beyond reactive security, to proactive threat hunting.

The platform provides advanced and contextualized threat hunting and detection packages containing behaviorally based threat hunting content, threat emulation, and detailed runbooks, supplying organizations with what they need to evolve their security analysts into skilled hunters.

Every HUNTR package is developed by dedicated threat researchers from malware analysis and incident investigations and is combined with unprecedented contextualization derived from cutting edge threat intelligence.

HUNTR content can be deployed using a proprietary patent-pending technology that tailors the hunting and detection packages to an organization’s unique environment and existing security toolsets.

The platform offers organizations a rigorous, repeatable, and sustainable path to maturing their threat hunting practices without breaking the bank. “There’s no denying businesses face an increasing volume of threats, and that many of them recognize the importance of creating threat hunting teams as part of their Security Operation Center (SOC),” said Dave Amsler, CEO and Founder, Cyborg Security.

“However, aggressively hunting threats and curating threat content has historically been expensive and, because it’s an emerging area, organizations have lacked the expertise and talent to support that function.”

Threat hunting is still nascent: according to a SANS Institute study, less than 30 percent of organizations believe they have a mature threat hunting program; however, more than 70 percent of organizations have threat hunting programs, indicating that many organizations are not doing threat hunting effectively and don’t have the resources to mature their existing programs.

“Cyborg Security aims to solve the biggest security challenges facing businesses. Amongst those challenges is an increase in inbound noise, a lack of threat hunting talent, and insufficient context and information to respond to threats.

“The HUNTR platform seeks to solve those challenges by delivering advanced and highly targeted hunt packages capable of proactively detecting even the most advanced adversaries’ actions, while giving hunters and analysts the context and accuracy needed to take action,” Amsler said.

Founded in 2019, Cyborg Security aims to disrupt the traditional threat hunt process and help remove the barriers to advanced threat hunting. Traditionally, organizations have adopted technologies and tools that are only able to identify the most obvious of threats.

One of the challenges continues to be an overemphasis on the capabilities of artificial intelligence (AI) to detect advanced adversaries.

By blending proprietary intelligence technology with human insight and analysis, the HUNTR platform reverses reactive security processes, turning analysts into hunters and making businesses aggressors against bad actors.

Benefits of the platform include:

  • Realize return on investment. The HUNTR platform enables organizations to immediately develop or mature their threat hunting teams by providing turnkey hunting and detection packages, empowering organizations to seamlessly detect malicious and anomalous activity in their environment.
  • Reduce level of effort. The HUNTR platform delivers tested, validated, and optimized hunt and detection packages, and uses automated mapping to deliver tailored content, reducing or eliminating the costly development or re-engineering effort.
  • Enrich analyst talent. Leveraging the HUNTR platform, even mid-tier analysts can complete advanced threat hunting in an environment.

Threat hunting for more than the top one percent

To date, threat hunting has only been done effectively by the top one percent of cybersecurity organizations. It is not a one-time process and takes extensive effort, resources, and money to do it effectively. The HUNTR platform eliminates those challenges, delivering functionality such as:

  • Search and discovery. All HUNTR content utilizes the MITRE ATT&CK framework, Cyber Kill Chain and the Diamond Model, as well as filtering by contextualized tagging including malware, threat actors, target industries and regions.
  • Threat hunt and detection packages. The contextualized and enriched content is based on emerging and advanced threat actor techniques. All packages contain living content, which undergoes continuous reviews to ensure accuracy and validity. Included in each of the packages are detailed hunt plans, including runbooks and suggested remediation, ensuring that analysts can complete rigorous and repeatable hunts.
  • Automated mapping. Packages are compatible with most security analysis platforms and are mapped to the customer’s unique environment including fields, indexes, and source types. All content can also be manipulated to provide a feedback loop ensuring ongoing compatibility.
  • Threat feed. HUNTR includes exclusive access to the SIGNS Threat Feed, which uses a decay model to ensure indicators are relevant and actionable.

The Cyborg ecosystem includes partners in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and Security Orchestration, Automation, and Response (SOAR).