Based on Blackpoint’s patented Live Network Map, SNAP-Defense enables real-time identification of the threat behavior used in every recent major network breach and insider attack: lateral movement with privileged credentials. “The hackers rarely enter a network where they want to be,” said Jonathan Murchison, the CEO and Founder of Blackpoint. “First, they must discover the victim’s network, then invariably, they grab credentials of insiders; now the outsider looks like an insider. Lastly, they move laterally to expand access, exfil data, and/or destroy devices. SNAP-Defense identifies, tracks, and alerts all that behavior as it happens, in real time.”
The current threat hunting process is neither real-time nor simple. It involves highly skilled cyber analysts reviewing terabytes of arcane network logs. As such, it is expensive and backward-looking, and within reach of only the largest companies. The “hunting” involves searching through vast logs of the various “point” cyber security tools ranging from anti-virus software to SIEMs. New “orchestration suites,” which ingest data from all those tools, only compound the complexity and expense. While artificial intelligence has somewhat eased the process, most current tools generate hundreds of thousands of alerts – which then require manual investigation, thus further delaying response times.
SNAP-Defense, by contrast, delivers the threats to your desktop. “It starts with our patented Live Network Map,” said Murchison, “because you have to know, accurately, what is on and active in your network to put alerts in context and effectively defend. We focus on the behavior that matters from both outside and inside threats: lateral movement and clever system administration tradecraft. Then, we deliver the threat to your desktop, including all the relevant information on the suspected endpoint and credential. With full information, it’s a one-minute decision process. And, if warranted, a one-click containment of the threat. So, we do the hunting, you make the kill – before valuable information is exfiltrated or the ransomware spreads to the next subnet.”
SNAP-Defense also provides an advantage in speed of deployment. Other tools require weeks of deployment with tasks ranging from endpoint policy to data science and multi-tool integration. SNAP-Defense, by contrast, deploys automatically in a few hours or less. Therefore, SNAP-Defense is relevant as an incident response asset – making sure the “doors are shut” in that critical moment – even before forensic analysis has started.
In addition to revolutionizing threat response, SNAP-Defense is also proving useful in helping IT directors evaluate security around their daily IT operations, and it plays a significant role in compliance processes, including PCI and NIST 800-171.
Blackpoint Cyber is a cyber security company delivering Next Generation Hunt and Response Software while reducing the security stack and spend. Founded by former DoD cyber operations experts, it is our passion and mission to provide the fastest, easiest-to-use, and most cost-effective cyber security products to IT and Security professionals of all levels of experience. Backed by Telcom Ventures and Orbis Operations, Blackpoint has built substantial IP including a patented approach to their Live Network Map and Immediate Lateral Movement Detection.
View original content with multimedia: http://www.prnewswire.com/news-releases/blackpoint-announces-snap-defense-20-next-generation-cyber-threat-hunting-software-300540555.html
SOURCE Blackpoint Cyber