Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:37 PM
Dark Reading
Dark Reading
Products and Releases

Co3 Systems Delivers Security Incident Response In Major Platform Expansion

Provides automated, single-pane incident management in a secure, isolated environment for general security incidents

CAMBRIDGE, Mass. – February 26, 2013 – Co3 Systems, a pioneer in Incident Response software, today announced a major expansion to its industry-first, SaaS-based incident response platform. Complementing and extending the expertise and proven success of the company's flagship Privacy module, the new Security module is the first solution available from any vendor that provides automated, single-pane incident management in a secure, isolated environment for general security incidents including malware infections,Distributed Denial of Service attacks (DDoS) and Advanced Persistent Threats (APTs). As a result, internal incident response teams and incident response service providers can achieve unprecedented levels of effectiveness, accuracy, consistency and compliance, while substantially reducing expense and risk.

The inevitability of compromise today is impossible to ignore, and by many estimates, irresponsible. The Ponemon Institute estimates that slow response to any security incident can be extremely costly –and is getting more expensive every year as attacks become more aggressive and sophisticated. Over the past two years, Ponemon estimates the average time to resolve a cyberattack has grown to 24 days from 18, with an average cost for participating organizations rising to $591,780 from $415,748 –a 42% increase. This "ticking time bomb" is driving explosive growth in an Enterprise Incident Response market predicted to total $14.79 billion by 2017.

Forrester Analyst Rick Holland, in a January report titled, "Five Steps To Build An Effective Threat Intelligence Capability," stressed the need for a focus on incident response and leveraging technology to accelerate intelligence assimilation and process improvement. Holland said, "In today's threat landscape, mature incident response is critical, yet it is very immature at most companies... Mature incident response (IR) consists of technology but also, most importantly, people, process, and oversight."

Even with the most mature internal response teams or external incident response firms, resource coordination and process management are significantly underdeveloped. Domain expertise resides in the minds of team members, and is neither complemented by nor manifested in technology. Tracking processes are generally manual, cumbersome, highly distributed and insecure, leveraging "traditional IT" such as email and spreadsheets--which in some cases become themselves a vulnerability for firms. Process and organizational improvement are very difficult to accomplish, inconsistent and dependent on individual input.

Co3's Privacy module was the market's first daily use and preparedness tool for privacy incidents and is considered today as the industry standard. It provides an easy, automated way to ensure consistency and accountability--across teams, organizations and external stakeholders-- in managing incidents that concern Personally Identifiable Information (PII). Building on this strong and proven foundation, Co3's Security module extends the capability to security events such as malware infections, phishing-related compromise, Distributed Denial of Service (DDoS) attacks, device or Intellectual Property theft and system intrusions.

Co3 Security Incident Management encompasses all phases of incident response, from planning and "fire drill" testing, through codifying best practices into a repeatable response system and subsequent analysis and reporting tools. Benefits of the module include:

· Organizational Readiness--allows organizations to account for and enroll all response team stakeholders, validate and encode response policies and procedures and categorize and profile critical networks and systems

· Event Identification and Assessment--enables immediate alerting of/engagement with all team members, evaluation of incident precursors and indicators, automatic prioritization and assignment of activities, tracking of events/ maintaining logbooks, logging of evidence and generation of assessment summaries

· Incident Containment, Eradication and Recovery-- provides real-time IR plan generation, complete team response coordination, containment strategy selection, cause isolation and evidence gathering and handling instruction

· Post-Incident Capture--establishes a central resource for incident results documentation, lessons learned assessment, policy/procedure updates, reporting to authorities, evidentiary retention and historical performance tracking

"The common refrain in the security industry is that there are two kinds of customers, those who have been hacked and those who don't yet know they have been," said John Bruce, CEO at Co3 Systems. "The reality is that every organization at some level is living in a state of compromise, or at least significant exposure. It's well accepted that the question is no longer when companies will suffer an incident, but rather what are they going to do on the day they discover it. While preventative and detective technologies are absolutely critical in reducing exposure, what Co3 has done with our Privacy and Security modules is give companies the ability to not only recover faster, but also develop the organizational competency to attend to them better over time."

Pricing and Availability

The Co3 Security module is available immediately and licensed annually by the number of seats.

Follow Co3 Systems:

Co3 Systems Blog: https://www.co3sys.com/blog

Videos: https://www.co3sys.com/product-videos

Events & Webinar Series: https://www.co3sys.com/news/events

Twitter: @co3sys

About Co3 Systems

Headquartered in Cambridge, MA, Co3 Systems is an innovator in Incident Response Management solutions. The company's SaaS-based offering enables organizations of all sizes to efficiently prepare for and rapidly manage the Response Process for Security Incidents and Privacy breach events. Companies using Co3 demonstrably minimize the costs resulting from incidents. With funding from Fairhaven Capital, the company's executive team and advisors comprise experts from world-leading security, privacy, software and service organizations. On the web at www.co3sys.com

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Hunny, I looked every where for the dorritos. 
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...
PUBLISHED: 2021-01-21
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executi...
PUBLISHED: 2021-01-21
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typicall...