A Cyber Defense Platform in 2020 looks much different than it did a decade ago. The rapid adoption of the cloud has added new challenges to the already complex task of protecting your organization’s digital assets. On a recent webcast, Eric Foster, President of CYDERES, talked about the nine essential components of a modern cyber defense platform that help give organizations a holistic approach to protecting their businesses from the threats most commonly seen in the contemporary digital landscape. We have broken out each of these essentials below so that you can quickly get insight into these unique areas. Next week, we will be back on the blog with some recent developments from CYDERES, a Fishtech Group venture, and how they have been developing their offerings to help organizations achieve the protection of a modern cyber defense platform. Stay tuned!
SIEM-“NG” for Logs
In modern cyber defense, you need something to store your logs, telemetry, and signals as part of your overall integrated platform. In this first video, we’re talking SIEM.
Analytics with Machine Learning
The next component involves analyzing the telemetry that you have stored. There are certain things that machines are really good at analyzing at scale and at speed, and the integration of analytics with machine learning will allow you to take advantage of the strong suits of this technology to better detect threats to your organization.
Orchestration & Automation (SOAR)
We’ve been doing orchestration and automation for as long as we have been doing security. This component is important to make sure your security team can do things better and more efficiently, especially in regard to the most common use cases of your security team.
Network Traffic Analysis
We are big believers in network traffic analysis as a fundamental component of cyber defense. Someone just coming at things from an endpoint perspective is missing a lot of signals, and missing the ability to put endpoint signals in context. Network traffic analysis helps fill in those gaps.
User / Entity Behavior Analytics
User- and entity-based signals are important for quickly catching policy violations or signs that a user's credentials may have been stolen, and they help bolster your overall analytics engine.
The next piece involves technology that can both sense signals from your endpoints and feed those signals into your cyber defense platform/analytics engine.
Threat Intel Enablement
Now that you have all of these signals, logs, and telemetry, being able to analyze them for threat intelligence is absolutely critical, especially being able to bounce this intelligence against your historical security telemetry.
Deception is one of the single highest-ROI technologies in cybersecurity right now, according to Eric Foster. Deception becomes a high-fidelity alert source for detection when threats bypass your other controls.
Cloud + On-Prem
Cybersecurity is looking to solve “big data” problems with the modern adoption of the cloud. Everything that you put in place has to be built on a scalable architecture and operate at scale.
Thanks for watching these videos in our cyber defense platform video series, and stay tuned to the blog next week as we dive deeper on some recent developments with CYDERES that you won’t want to miss.