Incident response at the speed of light: Cynet launches free offering for incident response service providers
More and more, organizations take the route of outsourcing incident response to Managed Security Service Providers. This trend is distinct regardless of the organization’s cyber maturity level and can be found across a wide range of cyber maturity, from small companies with no dedicated security team, to enterprises with a fully equipped SOC. The hands of the incident response service providers are extremely busy and the need from their side to scale while maintaining top quality has never been greater.
To address this need, Cynet offers IR service providers to collect data, analyze, investigate and remediate threats on their customers’ environments with Cynet 360 platform for free, introducing unmatched speed and reliability into their operations. Any incident responder can now simply sign up to Cynet and immediately get free access to the platform.
“Cynet tackles the incident response play at its most fundamental core – speed,” said Eyal Gruner, co-founder of Cynet. “By harnessing Cynet 360’s lightspeed distribution infrastructure, Cynet enables IR providers to get immediate visibility into the entire environment they are accountable for investigating, purging from it malicious presences and handing it back to the customer, clean and ready for production.”
According to Gruner, who comes from deep offensive security and incident response background, Cynet 360 is, with no match, the fastest incident response tool available on the market today, and is now offering IR providers to use it for free.
Let us pause for a second to reflect on why speed is an IR X-factor. In the common scenario a customer suspects they are under attack. They don’t know where, when or how – that’s why they engage the IR service provider. Assuming that the suspicion is true, every minute the attacker has not been identified and removed is potential damage. Hence, the IR provider is as good as its ability to declare the environment clean of malicious activity, as quickly as possible. The faster you can deliver the ‘restored’ stamp, the better you are.
However, as most IR providers can tell you, executing this task with speed is far from trivial, as it entails gaining visibility and conducting a thorough investigation into the entire environment, which can comprise thousands of endpoints, user accounts and derived network traffic. Unfortunately, the toolset IR providers typically have at their disposal entails manual and time-consuming workflows.
This is where Cynet steps in with the enterprise-ready infrastructure of Cynet 360. Cynet 360 was purpose-built to seamlessly deploy within minutes, across thousands of endpoints. For the incident responder, this means gaining immediate visibility into the entire environment in one shot – visibility which otherwise could be achieved only by manually installing tools on each endpoint.
Using Cynet 360 introduces unmatched speed and reliability into the IR workflow, providing the following:
- Immediate time-to-value – the IR provider is on-boarded to take a suspicious environment and return it after validating there is neither malicious presence or activity. Cynet 360 boosts the speed and reliability of this process, enabling the IR provider to deliver faster and scale its operations.
- 60 minutes to full visibility – Cynet 360 automates the collection of incident data, its correlation and analysis, and automates event prioritization and focus by assigning a live risk score to all hosts, processes, user accounts and network destinations.
- Active threats detection – if there is indeed an attacker in the network, Cynet will automatically raise a real-time alert upon malicious file execution, attacker-controlled traffic and other post-compromise malicious actions.
- Threat removal – an environment under attack requires a multitude of types of remediation actions to declare it secure again. Cynet provides the largest remediation toolset to apply on infected endpoints, malicious processes/files, compromised user accounts and attacker-controlled traffic.
Cynet custom remediations
Cynet environment visibility
“We are throwing a bomb here,” said Gruner, “handing out a free tool that is an actual game-changer. Just think of the possibilities that it opens in terms of the incident volume an IR team can handle. We’re looking forward to mass adoption of the IR part of Cynet 360 – another disruption of the cybersecurity equation, in favor of the good guys.”