MITRE | March 03, 2022
MITRE introduced MITRE Engage™, a communication, and planning framework for cyber adversary engagement, deception, and denial efforts. Engage assists chief information security officers (CISOs), cyber defenders, and vendors in implementing protection methods based on real-world adversary behavior.
Adversary engagement and deception operations can halve the cost of a data breach, waste an adversary's time, and make attackers more challenging to discover. Engage is mapped to the MITRE ATT&CK® framework, which allows practitioners to quickly identify an attacker's weaknesses when utilizing a given ATT&CK technique and how to exploit them.
Maretta Morovitz, MITRE Engage lead, said, “Engage is about empowering the cyber defense community. Every day, adversaries launch cyber-attacks. Some will always slip through. Taller walls aren’t the complete solution. We need to stop what we can and be prepared to engage with those who make it through. With traditional cyber defense, the adversary only needs to be right once, but with cyber deception, the adversary only needs to be wrong once.”
Engage offers a standard nomenclature for the cyber security community, based on MITRE's Shield framework and more than ten years of operational experience. The Engage toolkit on the website offers more than just a matrix; it also includes a manual, starter kit, worksheets, posters, and other materials to help you overcome planning challenges while improving your knowledge. CISOs may use Engage to develop a security strategy for their firm, defenders can use it to put that strategy into action, and suppliers can use it to align their products with the aims of their customers.
MITRE held a series of focus groups with vendors, defenders, and CISOs over the last year to gather input and insight on Engage's development. MITRE also conducts enemy engagement operations to inform and drive the Engage website's resources. And MITRE is still collecting ideas and feedback from the public about how Engage can help defenses.
“Engage goes beyond a framework. It delves deep and wide into the entire process of adversary engagement, from planning to analyzing, Plus, as we grow the Engage community, we can continually improve and mature our research in defending against cyber threats.”
prnewswire | August 31, 2020
REVBITS CYBERSECURITY SOLUTIONS, provider of a comprehensive suite of security solutions, announced today that it has been named one of the top 100 cybersecurity startups for 2020. RevBits prevailed against many strong cybersecurity startups for this prestigious award. Cyber Defense Magazine searched around the world and found over 3,200 cybersecurity companies, nearly 30% of which were founded or launched their first innovative cybersecurity products and services within the last 36 months.
NETSCOUT | November 08, 2021
NETSCOUT SYSTEMS, INC.a leading provider of cybersecurity, service assurance, and business analytics solutions, today announced the availability of Omnis® Cyber Intelligence (OCI), the industry's fastest and most scalable network security software solution, built on the foundation of the industry's most prominent network monitoring and packet recording and analysis technology. It uniquely detects and investigates suspicious activities in real-time and retrospectively, identifies threats early in the attack life cycle to prevent infections from spreading, stops future attacks, and identifies compromised assets.
With cyberattacks increasing and breaches making front-page news, IT security teams find that their existing tools are no match for this growing threat, and both their expenses and their cyber risk are growing out of control. This is the case because the typical data sets feeding these tools are reactive, not granular, and do not extend to the earliest indications of a potential attack.
NETSCOUT's approach to turn the situation around is to leverage its market-leading visibility technology to increase the range and depth of security intelligence and make it accessible to security teams in real-time. The solution consists of an analytics stack and cyber security software sensors called Omnis CyberStreams.
NETSCOUT's Omnis Cyber Intelligence arms security teams with proactive, actionable intelligence helping them to:
Perform continuous scanning and analysis for reconnaissance to detect attacks earlier, minimizing exposure and, in many cases, thwarting the threat.
Rapidly access high-resolution historical evidence far back in time to understand how an attack started to prevent similar breaches and stop ongoing malicious activity.
Monitor exposed attack surfaces within their infrastructure to optimize the effectiveness of the defenses deployed.
Evaluate the extent of penetration and impacted assets when attacks occur to prevent malware from spreading.
Deploy on-premises, in virtualized data centers, and the public cloud, supporting an organization's evolving deployment preferences without impacting security governance and workflows.
Integrate with their security ecosystem through APIs and partnerships with leading vendors such as Splunk, Palo Alto Networks, and AWS.
As a result, the effectiveness of customers' existing security tools and the productivity of analysts improve, and they can get ahead of the vicious cycle of both rising costs and rising cyber risk.
"NETSCOUT's unique ASI technology allows companies to truly unlock the actionable intelligence embedded in network transactions and packets,Where others have failed, NETSCOUT has made the use of packet data fast and affordable with their patented metadata extraction, intelligent reduction, and indexing. Omnis Cyber Intelligence provides security analysts with the information they need to quickly and accurately assess the scope and scale of an incident and reduce the associated risk and negative impact."
Christopher Kissel, research director, security and trust products, IDC
"Enterprises have invested heavily in cybersecurity solutions, but they are largely ineffective because they lack the actionable visibility needed to spot attacks before they have broad impact," stated Sanjay Munshi, vice president, product management, NETSCOUT. "As attack surfaces expand, the Omnis Cyber Intelligence solution extends throughout the infrastructure, integrates into existing ecosystems, and becomes part of the growing movement towards XDR, using meaningful metadata, or smart data, and powerful cyber analytics to quickly get to the root cause of the cybersecurity issue and mitigate risk."
NETSCOUT SYSTEMS, INC. helps assure digital business services against security, availability, and performance disruptions. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility and insights customers need to accelerate and secure their digital transformation. Omnis® Cyber Intelligence delivers the fastest and most scalable network security solution available on the market. NETSCOUT nGenius® service assurance solutions provide real-time, contextual analysis of service, network, and application performance. And Arbor® Smart DDoS Protection by NETSCOUT products help protect against attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets.