March 5, 2019 (BETHESDA, MD) – Fidelis Cybersecurity, a leading provider of threat detection, threat hunting, and response solutions, today announced the latest release of the Fidelis Elevate™ platform. This unified platform addresses the challenges that security professionals face when hunting for threats via traditional methods such as logs, events, and alerts. Organizations can now collect network and endpoint metadata of content and context to provide real-time and retrospective analysis for detection, threat hunting, and response across complex on-premises, cloud, and hybrid environments with speed, accuracy, and clarity.
This new release includes major innovations across the Fidelis Network ®, Endpoint and Deception offerings. When used together as a platform, users gain unmatched insight into their organization’s cyber terrain, including identification of the vulnerable attack surface. Fidelis fully integrates, automates, and orchestrates robust capabilities for asset discovery and classification, network data loss prevention, network threat detection and response, endpoint detection and response, forensics, and deception.
"When speaking with CISOs across the globe, they mention several interlinked challenges - improving visibility of what's really going on in their hybrid environments, getting a handle on the never-ending flood of false positives, and reducing the number of security tools in their stack that still leave blind spots for their teams to deal with," said Nick Lantuh, President and CEO, Fidelis Cybersecurity. "Collecting logs, events, and alerts actually slows their ability to detect, hunt, and respond properly. Instead, organizations need rich, indexable metadata that provides the necessary content and context for deep visibility, an understanding of their cyber terrain, and the ability to rapidly and accurately respond. Ultimately if you don’t know your terrain, then you don’t know what to defend…and if you don’t know what to defend, then there is no way for you to ensure a robust defense."
The Fidelis Elevate platform now offers the ability to continuously discover, classify, and assess assets, including laptops, desktops, servers, enterprise IoT, shadow IT, and legacy systems. Fidelis Endpoint discovers all software installed on these assets, while continually running vulnerability assessments and alerting on any installed vulnerability. Fidelis Network maps all communications surrounding each device to visualize potential attack paths between assets. These newly integrated capabilities combined with rich meta data provide security professionals with the visibility and context needed to take action in reducing the attack surface and effectively protect vulnerable assets.
The release also cements Fidelis as a leader in the emerging deception technology space, offering the widest range of decoys available, as well as becoming the first vendor to offer a network security platform that integrates a fully functional deception product. Fidelis decoys offer customers more features and management than any other vendor. With this expansion, the company now provides a full range of deception layers, including solutions for organizations that desire a safe and smart deception alarm system, as well as researchers who desire to learn TTPs and analyze code for attribution and mitigation from real OS VM decoys.
Key platform innovations by product line include:
- Discover, Profile and Classify Your Network Terrain: Fidelis continuously discovers and classifies network assets, including enterprise IoT, shadow IT, and legacy systems. Whenever network threats are detected, the knowledge of the asset under attack is critically important and usually not available to the network sensor – until now.
- Gain Visibility of Threats Hidden in Encrypted Traffic: Fidelis can profile encrypted TLS traffic and can uncover problems with certificates, weak encryption, and the ability to apply a patented approach to determine human vs. machine browsing activity. The TLS dashboard presents a view into encrypted traffic running in your environment which can uncover malicious usage.
- Identify Assets, Software Inventory, and Vulnerabilities: Fidelis Endpoint now provides details on software name, publisher, version, and install date. Customers can now cross-reference this information with known vulnerabilities to map their vulnerable endpoint attack surface. Copies of first seen executable files and scripts are also collected, addressing the problem of malicious software that will often delete files to hide traces and evade detection.
- Endpoint Prevention: Fidelis Endpoint provides process blocking with OpenIOC hashes or YARA rules for increased prevention independent of AV engine choice. The Fidelis AV feature is optional, which allows Fidelis Endpoint to coexist with any AV engine and add complimentary process blocking based on threat intelligence feeds.
- Flexible Decoys via Emulation and/or Real OS VMs: Decoy servers support both emulation and real OS VMs in customer environments and licensing enables wide spread use, not just specific VLANs. Fidelis Deception is unique with its continuous asset profiling and classification of a customer’s cyber terrain to automate decoy creation and deployment.
- High Performance Network Sensors: The latest version of Fidelis Deception is fully integrated with Fidelis Network Sensors which provide a 5X improvement in performance to 10G network speeds. Deception also shares the same UI and alert / conclusion database as Fidelis Network to allow visibility and management of all alerts from Fidelis Elevate into a single pane of glass.
"Fidelis Elevate provides a security ecosystem that gives our customers visibility across their entire environment to hunt for unknown threats that are missed by traditional security solutions," said Lantuh. "The data at the core of security stacks is shifting away from logs and events and towards metadata because of its richness which is more conducive to the application of machine learning and data science. Our ability to access content while providing context in real-time, combined with our understanding of network, cloud and endpoint terrain means that we help customers accurately and quickly detect, hunt and respond to advanced threats like no one else."
Fidelis Elevate is part of a wider portfolio of product and service offerings including Managed Detection and Response, Incident Response, Security Assessments and Threat Research as a Service.
The latest release of Fidelis Elevate will be generally available on March 29th.
To learn more about the Fidelis Elevate and our services, visit us at RSA booth 1441, online at www.fidelissecurity.com, or request a demonstration.
About Fidelis Cybersecurity
Fidelis Cybersecurity is a leading provider of threat detection, hunting and response solutions. Fidelis combats the full spectrum of cyber-crime, data theft and espionage by providing full visibility across hybrid cloud / on-prem environments, automating threat and data theft detection, empowering threat hunting and optimizing incident response with context, speed and accuracy.
By integrating bi-directional network traffic analysis across your cloud and internal networks with email, web, endpoint detection and response, and automated deception technology, the Fidelis Elevate™ platform captures rich metadata and content that enables real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment. Fidelis solutions are delivered as standalone products, an integrated platform, or as a 24x7 Managed Detection and Response service that augments existing security operations and incident response capabilities. Fidelis is trusted by Global 1000s and Governments as their last line of defense. Get in the hunt. For more information go to www.fidelissecurity.com.