Cybereason Inc., announced today the availability of a new eBook, called "Detecting the Unknown: The Power of Incrimination," that introduces a method for detecting new, unknown malware. Incrimination leverages information on known malware as a bridge to detect new malware, enabling organizations to identify and contain the portions of a malicious operation (Malop) that evades signature-based detection. The eBook outlines a five-step process for manual implementation of the incrimination methodology, as well as considerations for implementing an automated incrimination solution. It is now available for download, free of cost.
"Targeted attacks require defenses that enable us to work smarter, not harder," says Vanessa Pegueros, Chief Information Security Officer, DocuSign. "What makes Cybereason such an exceptional vendor-partner is that in addition to offering great technology, its commitment to documenting and promoting techniques such as Incrimination makes it very easy for us to extract maximum value from its platform."
As reported in the 2015 Verizon DBIR, 70 to 90 percent of malware samples are unique to a single organization. With the number of advanced attacks on the rise, it is impractical for security teams to rely solely on signature-based detection methods.
"Targeted attacks usually consist of known and custom-made malware," says Ashish Larivee, Vice President of Product Management, Cybereason. "The process of Incrimination reverse-engineers the adversary's tactics to better understand the attack and the entire scope of a threat, empowering security teams to act quickly and effectively to contain it."
About Cybereason:
Cybereason was founded in 2012 by a team of ex-military cyber security experts to revolutionize cyber attack detection and response. The Cybereason Detection and Response platform uniquely identifies both known and unknown threats in real time using big data, behavioral analytics and machine learning, and puts them in context to form a complete attack story. The Cybereason console then presents the TRACE elements of every malicious operation: Timeline, Root cause, Attacker activity, Communication, and affected Endpoints and users, eliminating the need for manual investigation and radically reducing response time. The platform is available as an on premise solution or a cloud-based service. Cybereason is privately held and headquartered in Cambridge, MA with offices in Tel Aviv, Israel.