CyberProof: Risk-Based Managed Security Services for Rapid Threat Remediation
Tony Velleca, CEOEnterprise CISOs often use Managed Security Solution Providers (MSSPs) to sift through the large number of events and escalate alerts. The problem is that most operate as a black box. There is a lack of transparency and context that limits the proper response. For this, CyberProof created a custom-built orchestration platform that correlates data to enrich alerts with additional information and enable visibility into vulnerability management, detection, and response.
CyberProof has developed SeeMo—a virtual security analyst that leverages its AI investments. SeeMo is a learning Bot who takes on more and more of the threat detection, analysis, and response tasks. “With SeeMo, a customer can automatically enrich event data, identify the most important alerts and accelerate incident response time,” says Velleca.
When an alert comes in, SeeMo automatically provides context. For example, the IP address may be defined as a user, the network, and as part of a system to help determine its “risk” and prioritized. The platform then creates digital playbooks aligned to these smart alerts based on its priority and thereby minimizes response time. Experienced security specialists augment client teams to help respond to these threats. “We bring the best of both worlds together. While SeeMo helps detect, enrich, analyze, and anticipates potential threats; our dedicated security specialists determine the best course of action and turn this into digital, repeatable playbooks. The result is lower cyber risk and worthwhile cyber spend,” remarks Velleca.
CyberProof focuses on three measures of cyber security risk and practically uses these measures as the basis of prioritization. These risks are (1) vulnerability risk, (2) detection risk, and (3) response risk. In other words, how vulnerable am I to the most damaging attacks, can I see these attacks when they happen, and how quickly can I respond and mitigate the damage. The MITRE ATT@CK framework is utilized by CyberProof to align these risks down to the attack technique level. In this regard, CyberProof helps its clients evaluate their risks in relation to the well-known kill chain. For a cyber attack to take place, it must go through the entire kill chain. Looking at vulnerabilities using this framework helps customers prioritize their work. “By proactively managing the vulnerabilities, our customers are able to fix the most important vulnerabilities first,” adds Velleca.
One client, a financial institution, was overloaded with vulnerabilities. CyberProof helped this client prevent a potentially disastrous ransomware attack by addressing the most important vulnerabilities first in addition to helping to work down the backlog by adding engineers.
Velleca envisions a future where SeeMo and the CyberProof platform provide clear measures of cybersecurity risk that are used by Board members to understand and make the right decisions on how to manage this risk most effectively—with residual risk being addressed with cyber insurance. “Cyber security is a fast-changing, cold-war-like problem. We believe that, working with the top CSOs, SeeMo can learn and adapt quickly and provide a capability to focus resources in the best way to reduce risk,” concludes Velleca.
CyberProof focuses on three measures of cyber security risk and practically uses these measures as the basis of prioritization. These risks are (1) vulnerability risk, (2) detection risk, and (3) response risk. In other words, how vulnerable am I to the most damaging attacks, can I see these attacks when they happen, and how quickly can I respond and mitigate the damage. The MITRE ATT@CK framework is utilized by CyberProof to align these risks down to the attack technique level. In this regard, CyberProof helps its clients evaluate their risks in relation to the well-known kill chain. For a cyber attack to take place, it must go through the entire kill chain. Looking at vulnerabilities using this framework helps customers prioritize their work. “By proactively managing the vulnerabilities, our customers are able to fix the most important vulnerabilities first,” adds Velleca.
One client, a financial institution, was overloaded with vulnerabilities. CyberProof helped this client prevent a potentially disastrous ransomware attack by addressing the most important vulnerabilities first in addition to helping to work down the backlog by adding engineers.
Velleca envisions a future where SeeMo and the CyberProof platform provide clear measures of cybersecurity risk that are used by Board members to understand and make the right decisions on how to manage this risk most effectively—with residual risk being addressed with cyber insurance. “Cyber security is a fast-changing, cold-war-like problem. We believe that, working with the top CSOs, SeeMo can learn and adapt quickly and provide a capability to focus resources in the best way to reduce risk,” concludes Velleca.
Company
CyberProof
Headquarters
Aliso Viejo, CA
Management
Tony Velleca, CEO
Description
CyberProof aims to give clarity and confidence to businesses worldwide with a new risk-based approach to cyber security services. CyberProof is part of UST Global, serving some of the world’s largest enterprises with their digital transformations. As trusted partners throughout the entire cyber journey, The enterprise promises companies around the world measurable risk reduction and justified ROI. CyberProof aims to give clarity and confidence to businesses worldwide using a bold, new risk-based approach to cyber security services. CyberProof serves as a trusted partner throughout the cyber journey, guiding companies towards a more accurate view of their risk, and a smarter investment in their security
