Cyphort completed three major research projects involving SIEM users in nearly 1000 organizations across the US. What we learned was quite surprising. We discovered seven secret sins of SIEMs that were causing various levels of pain and frustration among SIEM users.
If you use a SIEM or are planning the purchase of one for your organization, the seven sins are must-know for effective Tier 1 incident response. The research results shared during the webinar include:
- Discussion of the seven secret sins affecting the majority of SIEM users
- The hidden (and significant) costs of owning a SIEM
- Insight into why SIEMs often fail to deliver the security value users expect
- The surprising staff productivity drain associated with using a SIEM
Cyphort will demo its solution to the seven sins--the Anti-SIEM. The demo shows how Anti-SIEM delivers stronger security and improved productivity at a lower cost--everything SIEM users want.
Special Viewing Offer:
During the webinar, download a complimentary research report by the Ponemon Institute about the state of the SIEM market.
On the heels of WannaCry, the world awoke on June 27 to another cyber attack that employs ransomware as a weapon. But this one is different and has fueled much speculation as to whether it is truly a ransomware attack or a wiper/destroyer attack meant to inflict irreversible damage. In this webinar, we will review some of the details of this attack and discuss clues towards motives and potential threat actors behind this attack.
About the Presenter:
Mounir Hahad, Ph.D. is Sr Director at Cyphort, a Security Analytics company headquartered in Santa Clara, CA. Mounir is the head of Cyphort Labs, the group responsible for conducting threat research within Cyphort and driving detection enhancements for Cyphort’s Advanced Detection Fabric which uses behavioral analysis along with machine learning to detect advanced threats and correlate those incidents with ingested information from third party solutions. Mounir holds a Ph.D. in computer science from the University of Rennes.
The world is experiencing a ransomware attack like no other. While the wave of infections was spreading from East to West, a kill switch was identified that slowed the campaign considerably. Then another kill switch was needed, then another. Contrary to popular belief, these kill switches are only effective against the original strain of the malware. In this presentation, we will review a variant without a registerable web site kill switch and how to protect against it.
Join this webinar and ask your most pressing WannaCry questions.
About the Presenter:
Mounir Hahad, Ph.D. is Sr Director at Cyphort, a Security Analytics company headquartered in Santa Clara, CA. Mounir is the head of Cyphort Labs, the group responsible for conducting threat research within Cyphort and driving detection enhancements for Cyphort’s Advanced Detection Fabric which uses behavioral analysis along with machine learning to detect advanced threats and correlate those incidents with ingested information from third party solutions. Mounir holds a Ph.D. in computer science from the University of Rennes. Prior to Cyphort, Mounir held various engineering management positions with Cisco’s Security Technology Group and with IronPort Systems.
Cyphort just introduced the innovative Anti-SIEM. It’s everything you want in a SIEM and less: Less Cost, Less Noise, Less Complexity, and Less Wasted Time.
Here’s why you will find the Anti-SIEM quite interesting.
Cyphort conducted extensive research with your peers in nearly 1,000 organizations across the US. The clear consensus from the majority of SIEM users is that they want more effective security analytics capabilities, and more detection and visibility into the specific advanced threats that are likely the root cause of those endless security alerts you deal with every day.
The insights from that research enabled us to create a powerful software platform that combines advanced threat detection, actionable security analytics, and automated threat mitigation. It’s called the Anti-SIEM and its open architecture allows it to ingest data from all your security devices and provide a consolidated, timeline view of security incidents.
New research from Cyphort and the Ponemon Institute puts the spotlight on many significant pain points affecting the productivity and satisfaction of Security Operations Center (SOC) and incident response (IR) teams in large organizations.
In this webinar, Dr. Larry Ponemon of the Ponemon Institute and Franklyn Jones, vice president of marketing at Cyphort, will discuss the key findings of the survey, including:
* 70% want their SIEM to generate alerts that are more accurate, prioritized, and meaningful
* 78% have 1 or less full-time staff assigned to SIEM administration, and yet 64% of organizations pay more than $1 million annually for external consultants and contractors to assist with SIEM configuration and management
* Less than half of respondents say their SIEM supports the forensic analysis of security incidents
New research from Cyphort and the Ponemon Institute puts the spotlight on many significant pain points affecting the productivity and satisfaction of Security Operations Center (SOC) and incident response (IR) teams in large organizations. Clearly, there is growing dissatisfaction with the value these teams are getting from their SIEMs. New research reveals the negative impact this has on the security posture of these organizations.
The solution may lie in the emerging category of Security Analytics. Join this session to learn:
• Key findings from the research
• How security analytics makes life easier for overworked security teams
• What are the key functional requirements
Franklyn Jones, VP of Marketing, Cyphort, Jeff Pollard, Principal Analyst, Forrester
Security leaders understand that there's no catching up to the volume of attacks that threat actors can throw at them. They also know they can't solve problems with technology alone. In 2016 and onward they look to blend technology, people, and process together and create an Adaptive Response framework that allows them to integrate detect, protect, and respond so that each one augments the other. Join us for a webinar with guest Forrester Principal Analyst, Jeff Pollard, as we discuss the current barriers that exist before an organization can build Adaptive Response capabilities. Cyphort will discuss and demonstrate how their technology helps transform enterprises by becoming an adaptive response fabric that enhances workflows across the domains of detect, protect, and respond.
Larry Ponemon (Ponemon Institute), Franklyn Jones (Cyphort)
According to 2016 research from the Ponemon Institute, companies are spending an average of $16M annually on cyber security tools and technologies, and yet they still struggle to detect and block advanced threats intent on doing damage to their organizations. Too many alerts, too many false positives, and too many days go by before a threat is finally discovered inside the network.
Join us as Larry Ponemon, Chairman and President of the Ponemon Institute, takes a closer look at key findings from research data collected from nearly 600 organizations. From there, Franklyn Jones, Vice President at Cyphort will show you how the company’s innovative Adaptive Detection Fabric can help you extract more value from your existing investments, and gain visibility and control over advanced targeted attacks before they can do damage to your business.
Nick Bilogorskiy, Sr. Director, Threat Operations, Cyphort
Like many viruses, botnets and malware families that we’ve seen over the past decade, hackers continue to find new ways of reinventing old threats. And this is no different for Ransomware.
Ransomware has come a long way from non-encrypting lockscreen FBI scare warnings like Reveton. In 2016 alone, there have been new ransomware families popping up and we expect that to only pick up steam over the summer.
In this edition of MMW, Nick Bilogorskiy, Senior Director of Threat Operations at Cyphort, will discuss:
- Locky, the new “it” ransomware and how it works
- A deep dive into a new family of ransom locker discovered by Cyphort Labs in March, that uses TOR Hidden Service
- Other new ransomware families and why it’s becoming the preferred monetization method for attack
Nick Bilogorskiy, Sr. Director, Threat Operations, Cyphort
Understanding Malware Lateral Spread Used in High Value Attacks
APTs are known to use advanced Techniques, Tactics, and Procedures (TTP), including advanced malware design with protection layers, sandboxing evasion, and lateral movement inside penetrated networks to seek out high value targets.
In this webinar, Nick Bilogorskiy of Cyphort Labs will:
- Review various lateral movement techniques and methods used by past advanced threats
- Look at some APT samples, like Shamoon, in detail to show the specific steps in the lateral movement by the malware
- Explain how an understanding of APT lateral movement should help security defenders better select and implement protection solutions
Anti-SIEM - Everything you want in a SIEM. And Less.
Cyphort delivers the Anti-SIEM, an innovative security analytics and advanced threat defense platform that addresses time, cost, and complexity challenges associated with traditional SIEMs. The software uses machine learning and behavioral analysis technologies to detect advanced threats in web, email, and lateral spread traffic. Threat data is correlated with event and log data collected from other security devices in the network. Results are consolidated and presented as a timeline view of each security incident. One-touch mitigation can contain breaches and strengthen existing tools. The Anti-SIEM works with or without an existing SIEM to reduce noise, improve productivity, and accelerate response.