Cybereason is armed to combat cyber arson
We shine a spotlight on cyber security specialists Cybereason in a bid to know more about its mission to take down cyber adversaries; Sam Curry, CSO, Cybereason takes some time out to discuss the company’s trajectory
During the Covid-19 crisis businesses have turned to using web services more than ever, as they look to keep a hold of staff while continuing to offer essential / non-essential services. In fact, there was a 47% increase in broadband usage for Q1 2020, according to market reports.
Millions have resorted to different work from home solutions, and during this time vulnerability has increased. Now more than ever, hackers are always on the prowl, looking to infiltrate networks and steal data. Businesses and governments need to stamp out security threats, and Cybereason offers many leading products and services.
The company was founded in 2012 by three former military intelligence officers that managed and commanded cybersecurity teams. “Between Lior Div, Yossi Naar and Yonatan Striem-Amit – the company’s founders – there is extensive experience with hacking operations,” said Curry.
Today Cybereason employs more than 500 people and has more than 600 customers in more than 30 countries.
“The company’s flagship product, the Cyber Defense Platform, takes the cyber advantage away from the hackers and gives it back to the defenders. Cybereason empowers security analysts to respond to and remediate cyber risks by connecting disparate behavioural threats in a single and complete malicious operation called a Malop,” Curry notes.
He adds Cybereason was a pioneer in endpoint detection and response (EDR) from the inception of the term. Cybereason EDR was the first product to focus on ‘behavioural telemetry’ as opposed to recording known-bad behaviour or instrumenting third party logs.
The way Cybereason EDR works is by capturing all of machine, application, file and user behaviour, preserving context in the cloud without the need for compromise in the integrity of collection and with the least impact on systems and users.
Curry added: “The result is the most complete, useful data for real-time detection and remediation of Malops with least disruption to the business. In EPP, Cybereason is among the highest true positive detections of malware and at the same time the least false positives. Cybereason also enjoys the highest ratios of endpoints-to-analysts in the world at more than 150,000 endpoints per analyst in its own and customers’ operation centres.”
Who is vulnerable?
Generally speaking, three classes of industries are the most susceptible; namely financial services, defence and manufacturing and industries where data can be monetised.
Curry adds: “The latter includes online technology companies, insurance and government repositories.
“Also, in times of political or diplomatic turmoil such as a trade wars or critical, federal elections, anything in critical infrastructure becomes targeted and particularly susceptible.”
Cybereason not only provides products and managed services to all of these industries, but also services that can help with preparatory consulting and modelling such as posture and compromise assessments, but also forensics services, advanced analysis services and breach response services. “Cybereason Nocturnus is a world-class research and intelligence team that is often used for context and specific investigations in time of customer need, said Curry.”
Research, development and competition
A quarter of Cybereason’s employees work in R&D which is primarily spread across two offices: Boston and the Middle East. The company’s CTO is based in the United States and the head of R&D is based in the Middle East, where the emphasis is on core engineering, operations and quality assurance. The emphasis in the US is on support, custom engineering and advanced research.
“Cybereason practices agile methodology in two-week sprints with builds on a monthly basis. Given that the Cyber Defense Platform is delivered as a cloud-based service, the customer success function governs versioning, patching and hotfixes,” Curry notes.
When it comes to competition from its peers in the security market, Cybereason shares a philosophical approach. “The goal is not just to stay ahead of the competitors but to stay ahead of the adversaries, which so much of the industry seems to lose sight of,” said Curry .
He believes the only way to attract and retain business is by enabling customers to stop more attacks, as soon as possible.
“The product function and senior leadership take all factors into account from market trends and buying trends to hacker trends and the mission itself to produce an aggressive roadmap that competes in the market, to give ever-increasing value to existing customers and to work with the go-to-market arm of the company,” Curry concludes.