Cybersecurity Startup Bricata Inks OEM Deal with Cylance

Bricata Press Release

Bricata, LLC, a developer of network intrusion detection and prevention solutions, today announced an OEM relationship with Cylance® Inc. Cylance is the first cybersecurity company to employ machine learning and artificial intelligence to create a lightweight, independent malware conviction engine. This agreement means Bricata will embed the Cylance engine into its network appliance and virtual solutions. The combined solution will expand the capacity of the security operator to detect, prevent AND hunt for unknown threats on the wire inside an organization.

Bricata has commercialized Open Source solutions (Suricata and Bro) providing advanced signature-based and pattern matching to alert on the known threats and scripting to hunt for the unknown threats, respectively, with a consolidated management console and visualization layer. This innovative solution enables the security operations professional to hunt for suspicious behavior and anomalous or untrusted traffic. The addition of the Cylance engine enables protection against the latest threats, such as ransomware and zero-day malware. Bro’s file carving, analysis and scoring provides one more layer of defense and context in filtering alerts, optionally passed to Security Information and Event Management (SIEM) and Log solutions for further review via out-of-the-box APIs.

“The combined approach is the only commercialized solution of best-of-breed technologies, Open Source and partner developed, in concert with our intellectual property addressing today’s zero-day market requirements of threat evolution,” said Bricata CEO John Trauth. “The reality is threats already exist inside the firewall leaving organizations at risk and security analysts with the near impossible task of keeping up in a complex infrastructure. IT Security must layer in new methods of detection aimed at the east-west traffic to mitigate threats and reduce complexity, dwell time and time to containment.”

The market timing is especially noteworthy as organizations are increasingly shifting both their overall approach to cybersecurity and the way they invest to combat today’s advanced, persistent and coordinated threats. Business impacting events make the news every week and are forcing organizations to re-examine the assumptions driving current IT security staffing, practices, processes and defense tools.

“IT risk and security leaders must invest in technical, procedural and human capabilities to detect when a compromise occurs,” wrote Ayal Tirosh and Paul E. Proctor of Gartner, Inc. in a January 2017 report titled Shift Cybersecurity Investment to Detection and Response. “They must provide the tools for first responders to react quickly and investigate the source and impact of breaches, compromises and incidents.”

“By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from less than 20% in 2015”, per the same report. Adding the Cylance engine to Bricata’s platform provides unique operational benefits due to superior efficacy and decision-making speed versus traditional antivirus and can also act as a pre-filter for more resource intensive analysis, such as sandboxing. The power of Cylance’s predictive, machine learning approach allows Bricata customers to rapidly discover previously unknown threats and focus precious security personnel and other resources on incident response and remediation.

“Bricata is an excellent partner for Cylance because of its innovative platform with development led by industry veterans that share our vision in changing the status quo for IT security,” said Cylance Co-founder, President and CEO Stuart McClure. “Organizations can no longer rest in a reactive IT security posture. To get ahead of the problem, we have to focus on early identification of attacks with the objective of prevention.”

Bricata will be exhibiting at the 2017 RSA Conference in San Francisco in Booth S536. A demonstration of the integration with the Cylance technology will be made available and representatives will be on hand to answer questions.

About Bricata

Bricata is a network cybersecurity solution supplier helping organizations harness the power of complete network visibility to detect, hunt and prevent threats with the only commercialized Open Source and partner developed malware conviction engine. A specialized component-based approach to today’s advanced, persistent and coordinated attacks leaves organizations with a stack of tools to manage, lack of visibility across the network and inconsistent security policies. Bricata’s platform for federating security technology and console provides organizations with process automation, streamlining operations with the most effective, affordable solution for situational awareness and proactive threat defense, reducing complexity, dwell time and time to containment. For more information visit:

About Cylance® Inc.

Cylance is the first company to apply artificial intelligence, algorithmic science and machine learning to cybersecurity to prevent the most advanced security threats in the world. Using a breakthrough predictive analysis process, CylancePROTECT® quickly and accurately identifies what is benign and what is a threat, and prevents malicious code from ever executing on a targeted system. By coupling advanced machine learning and artificial intelligence with a unique understanding of an attacker’s mentality, Cylance provides technology and services that are truly predictive and preventive against the most advanced threats. For more information visit:

Cylance and CylancePROTECT are registered trademarks or trademarks owned by Cylance Inc. in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks are property of their respective owners.

POC: media – at- bricata -dot- com
