Combining man and machine for an edge in cyber defence
Security perimeters are no longer enough to protect organisations from targeted attacks, and given the ongoing shortage of skilled cyber security experts, developing better security capabilities on their own is out of reach for many organisations.
F-Secure has launched a new Endpoint Detection and Response (EDR) solution that combines security expertise with the latest technologies to help organisations catch fileless attacks, privilege escalation and other advanced tactics used by attackers.
F-Secure Rapid Detection and Response is an EDR solution that provides companies lacking large IT and security teams or budgets with the advanced capabilities they need to defend themselves. A recent F-Secure report found that targeted attacks caused over half of security incidents investigated by incident responders, and nearly 80% of investigations began after the security perimeter was already breached, exposing companies to data theft and fraud.
Jyriko Tulokas, F-Secure Executive Vice President of Cyber Security Products and Services, stated: “Well-maintained security perimeters are great for commodity threats, but targeted attackers are usually prepared to get through these barriers. And we’re at a turning point where organisations are being forced to confront the fact that getting breached is not a question of if, it’s a question of when.”
F-Secure Rapid Detection & Response monitors endpoints for malicious activity by combining lightweight endpoint sensors with advanced data analysis capabilities that are powered by artificial intelligence and created, operated, and continually refined by F-Secure. When it detects an advanced threat, it provides IT teams or their managed service partners with guidance on how to respond. It can also be configured to automatically implement measures to contain the attack.
Organisations can then receive additional support from a local partner so that they can escalate difficult cases to help them stop the attack and get back to business.
The artificial intelligence used in the F-Secure Rapid Detection & Response solution is modelled against real cyber attacks and taught to recognise malicious behaviour by learning what normal behaviour looks like first. Any unusual behaviour receives additional AI-based analysis to eliminate the false positives that can quickly accumulate to overwhelm and distract responders, allowing organisations to quickly and efficiently pinpoint malicious activity before data breaches happen.
This analysis process, called Broad Context Detection, leverages F-Secure’s man and machine approach to combine data points about potential threats and abnormal behaviour observed across endpoints to help defenders validate threats and assess their impact on an organisation’s operations. It builds information about risk levels, affected asset groups, threat intelligence, recommended response steps, and more, into a visualised timeline that helps organisations respond by giving them visibility into the entire context of an attack.
F-Secure Chief Technology Officer Mika Stahlberg stated: “One trick that’s common in modern attacks is to disguise malicious activity as something normal, and attackers are always finding new ways to do this. And since there’s countless numbers of normal things happening in any given environment, it’s basically impossible for companies to rely on human experts or artificial intelligence alone to comb through all that data. Artificial intelligence trained by the best cyber security experts is vital when you’re looking for needles in a digital haystack, and in the right hands, it’s able to keep defenders a step ahead of even the most skilled, highly motivated attackers.”