Analytics
12/4/2012
11:09 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Cylance Unveils Security Services Lines

Presponse services predetect and solve complex security challenges

Irvine, CA – December 4, 2012 – Cylance, Inc., a stealth security product and services company dedicated to solving large and complex security challenges, today unveiled its first phase of announcements with the availability of its Presponse security service lines, which include critical infrastructure and key resources (CIKR), embedded security, assessments, and incident response/forensics.

Presponse is a more than a word, more than a concept. It describes a new way of thinking about security services delivery. Presponse is predictive pre-detection response that will not only detect a compromise inside an organization, but also determine its attack vector and source, and predict the most likely path of attack for the future. The idea behind Presponse is that it is a way of looking at the problem of security that exposes it to a holistic, objective and predictive eye – and it's a crucial part of Cylance's new services.

"Today, bad guys from around the world can affect the physical world in a severely negative way. The systems that control our physical world today have rarely been designed, architected or developed securely," said Stuart McClure, CEO/President of Cylance, Inc. and former Global CTO of McAfee. "Organizations need easy-to-understand solutions to these fundamental security issues that also work behind-the-scenes, unearthing their flaws; the Cylance Presponse services identify and protect customers from breaches and malicious attacks and is just one of the many reasons why we started Cylance."

Cylance's services, which are now available to the corporate and government markets, include:

· Critical infrastructure and key resources: a specialized service focused on industrial control systems, secure architecture and design, and network and application assessments. The world of CIKR includes energy, telecommunications, banking and finance, chemical, water, healthcare, emergency services, and defense industrial base, among others.

· Embedded: embedded penetration testing, application penetration testing, threat modeling and SDL creation on any Internet-connected devices and the security risks associated with them.

· Assessments: a number of elite capabilities leveraging the vast experience and global reach of the Hacking Exposed series to perform web, application, host, database, network and social engineering assessments. On top of these services, Cylance offers strategic services such as risk assessments and staff augmentation. All of these assessment services are meant to deliver a holistic approach to understanding the true risk in any environment and preventing an inevitable breach.

· Incident response and forensics: malware analysis, enterprise compromise assessment, digital forensic investigations, IR staff augmentation and investigations, combined with talented experts and technology that helps automate the discovery of malicious activity, either past or present, in any environment, in a low touch and almost transparent way.

"Knowing how a malicious actor like a cybercrime gang, a nation-state actor, or a hacktivist might attack an environment is essential to understanding how to respond to a breach," said Corey White, VP of Professional Services at Cylance. "The world looks at the problem by looking back, rather than predicting the future through past knowledge. Presponse flips that around and in doing so solves that dilemma."

About Cylance, Inc.

Cylance, Inc. is a stealth security products and services company bringing together an elite team of security experts to solve very large and complex problems simply and elegantly. Providing both professional services and products, Cylance's mission is to empower the lambs to become lions. For more information about Cylance, please visit www.cylance.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.