Rewriting the rules on how to protect against evolving adversaries
Hackers are getting better at exploiting your organization’s increasingly complex IT environment. Adversaries are using highly customized attack campaigns to infiltrate their targets and evade detection for long periods of time. In this podcast recorded at RSA Conference 2017, Yonatan Striem-Amit, CTO and co-founder of Cybereason, talks about how his company defends complex IT ecosystems.
Here’s a transcript of the podcast for your convenience.
My name is Yonatan Striem-Amit. I’m the CTO and co-founder of Cybereason. I started the company five years ago with two of my dearest friends. Our mission was simple – we want to take and reverse the hacker advantage.
At the time – and it still is true today – hackers were getting the upper hand all the time. And we figured, knowing how hackers operate is key to understanding how to beat them, and the industry was thinking about it wrong. They were trying to just prevent the entry without thinking what the hackers were doing afterwards. So we came and built a technology which started by looking at them, then analyzing data in massive scale to find out what the hackers were doing. And repeatedly, what we’ve done is we’ve reversed the hacker advantage.
The industry theory a few years ago was that the attackers have to win once and the defenders have to win all the time. With Cybereason, when we settled out for our mission, we reversed it. Every single loss for a hacker is a humongous strategy loss for him. As you may know, when you try to hack into a network, you don’t just do one thing, you don’t come in and leave immediately with everything done, there’s a huge amount of actions and steps that go with it. That has been the company’s mission at the get-go.
We recently announced an extension of the way we deliver that reversal of the mission. This is our total endpoint protection platform which combines the ability of the engine to do very massive large-scale analysis of what hackers are doing in the environment, and finally rooting them out. With a protection engine that also delivers next generation protection to your endpoint.
With Cybereason, you can have situations where if somebody is trying to get in using malware, we’ll stop him at the malware level, the protection of the endpoint level. If he’s using non-malware-based technology, every action it does can be served to find them, and then drive protection to the environment. Essentially, taking care of the entire protection stack; not for the individual endpoint, but for the enterprise as a whole.