Story image

Securonix and Cylance partner to drive end-to-end security offering

16 Oct 18

Security solutions providers Cylance and Securonix have announced a partnership to support the interoperability of CylancePROTECT with the release of the Securonix Security Analytics Platform.

Customers of Cylance and Securonix will now have the tools necessary to implement a prevention-first security strategy with CylancePROTECT and Securonix’s Security Analytics Platform to view and contextualise real-time intelligence collected at the endpoint.

In tandem, the two products will provide security operations centre (SOC) teams with a view of both cloud and endpoint security events in addition to the continuous protection and prevention capabilities required to proactively detect and defeat viruses, malware, ransomware, and other known and unknown threats.

Securonix products senior vice president Nitin Agale says, “By integrating our Security Analytics Platform with CylancePROTECT, we not only prevent bad actors from infecting endpoint systems, but we also ensure that every attempt they make at moving laterally across the network can be promptly detected, traced, and terminated automatically before critical systems or data are compromised.

In combination, CylancePROTECT and the Security Analytics Platform will enable SOC teams to minimise organisational risk while optimising operational efficiency.”

Threats can be resolved and remediated automatically, minimising time-to-detection but and the time between detection and quarantine.

For example, if CylancePROTECT detects and blocks a malicious file at one endpoint, the Security Analytics Platform can respond immediately by pushing out rules to every other endpoint on-premises and in the cloud to quarantine that file and block its execution.

Cylance chief product officer Eric Cornelius says, “Organisations need cybersecurity solutions that are proven to be effective at preventing both today’s and tomorrow’s attacks while providing the actionable threat intelligence SOC teams need to proactively manage cyber risk across the enterprise.”

CylancePROTECT and the Security Analytics Platform aim to provide a consolidated view of security event activity:

  1. CylancePROTECT prevents adversaries from gaining a foothold at the endpoint by detecting and blocking the execution of both file-based and fileless attacks and by applying policies for device and script control, application control, and memory exploitation protection.
     
  2. The Security Analytics Platform uses restful APIs to ingest the security event data collected by CylancePROTECT at the endpoint. This includes not only information about suspect files, applications, scripts, and processes, but also event metadata, file attributes, and more.
     
  3. The Security Analytics Platform aggregates and correlates ingested data with user behaviour analytics and network-based threat indicators and applies sophisticated machine learning algorithms to accurately detect advanced and insider threats and rank them based on risk scores. The Security Analytics Platform then generates prioritised alerts for threats that exceed a pre-defined risk threshold.
     
  4. SOC personnel can visualise and interrogate the resulting threat chain data within the Securonix management dashboard, drilling down and pivoting from one threat indicator
Comms providers hit by most DDoS attacks in Q3 2018
New data indicates attackers preyed on the large attack surface of ASN-level communications service providers with a ‘bit-and-piece’ approach.
Check Point launches hyperscale network security solution
With Check Point Maestro, organisations can scale up their existing Check Point security gateways on demand.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.
Frost & Sullivan honours Honeywell's IIoT value creation
Frost & Sullivan has awarded Honeywell with the 2018 Global Customer Value Leadership Award for its work protecting industrial internet of things (IIoT) customers.
Top cybersecurity threats of 2019 – Carbon Black
Carbon Black chief cybersecurity officer Tom Kellermann combines his thoughts with those of Carbon Black's threat analysts and security strategists.
Google's €50m fine a wake up call for big data analytics
Data analytics are essential to company growth, competitive differentiation, and innovation. But there’s now a huge challenge.
UK security startup Barac sets sights on America
“Malware hidden in encrypted traffic is one of the biggest threats organisations are facing today,” says new EVP global sales.