Operations

2/3/2017
04:30 PM
Dark Reading
Products and Releases

Cyber deception startup Cymmetria announces the introduction of ActiveSOC for incident response decision making

February 2, 2017 – Cymmetria, a developer of comprehensive cyber deception solutions, today
announced the release of ActiveSOC™ – a new module in its MazeRunner cyber deception
solution, to assist its customers with incident response decision making and hunting
automation.

ActiveSOC allows organizations to deploy deception elements to networks and systems, based
on events observed by the SOC or systems such as a SIEM, threat intelligence platforms, and
other security controls. Using ActiveSOC, network defenders can deterministically treat their
noisy production environment as if it were a clean lab environment. ActiveSOC is able to validate
“below-the-threshold” events that might otherwise be ignored by analysts. It also allows for
alerts that reach the analyst to first be validated, reducing overall SOC costs, user friction, and
IT interruptions.

“ActiveSOC provides significant security and workflow value to the customer in intelligence
generation and decision making, while reducing analyst workload,” said Gadi Evron, Founder
and CEO of Cymmetria. “With ActiveSOC, deception is only deployed when and to where it is
needed. As a result, IT integration is much smoother.”

By allowing specific triggers to activate deceptive countermeasures, ActiveSOC deterministically
validates that there is an actual attack taking place without interfering with IT systems or the
user. Afterwards, the deception elements that were deployed are automatically removed.
Because ActiveSOC validates alerts before they reach the analyst, analyst workload is decreased
and SOC costs are reduced.

ActiveSOC is immediately available to Cymmetria’s MazeRunner Enterprise Edition customers.
For more information, visit https://www.cymmetria.com/.


About Cymmetria:
Cymmetria is a startup offering a pioneering cyber deception solution, based on breadcrumbs
and decoys that lead attackers away from valuable targets. With Cymmetria, organizations gain
the ability to detect threats, shape attacker behavior, and mitigate attacks. Founded in 2014 by
security experts Gadi Evron and Dean Sysman, Cymmetria is changing the asymmetry of cyber
security, tilting the traditional security odds so that hackers are the ones left vulnerable.
