Multi layer defense – case study from the field

I just came back from a trip to Singapore (my first time visiting – a highly recommended country to visit). During my visit I had a chance to meet Cyber Observer customers and also some potential customers.

I was sharing with them some case studies I saw while running POCs in the last couple of weeks, and it’s time to share one of these cases with everyone…

It’s common today to see different enterprise end-point solutions that attempt to block data from entering organizational networks. But endpoint defense shouldn’t be your only layer of defense. A good security program will involve multiple layers and a mix of tools, each providing different services to ensure that if the bad guys get past one layer, they’ll be picked up by another.

Proxy solutions, secure browsing, sandboxing, white stations, removal of admin rights, device control – all these solutions, and more, exist today to ensure you’re not bringing malware inside. Organizations might pile on as many layers as they can in order to keep the organization safe.

Often, even when we run POCs with new clients, we’ll see that the anti-virus is frequently finding new malware – but instead of this being a sign that the anti-virus is doing its job, it can indicate that another security layer isn’t functioning as it should – that, somewhere, there’s a gap in your security that needs to be addressed.

Cyber Observer continuously checks all the tools in your organization to ensure they’re deployed optimally and functioning as intended, relaying the critical, high-level awareness to senior managers in a single interface and ensuring security data from multiple layers of tools is captured. The more tools in your network we’re connected to, the more visibility we have over your entire security program and the more understanding we have regarding your security posture.

If your anti-virus is picking up on malware, we can give you the insight to see where in your other security layers you’ve got a weakness or a hole. Addressing those areas is how organizations push their security posture forward – because if you’re relying on your anti-virus, all it takes is one machine with an outdated virus definition update to let malware go undetected in your network.

Cyber Observer is designed to deliver comprehensive management capability – which means that a single critical alert indicating discovery of malware can lead managers down a path to secure other areas of their security program, identify gaps, and advance the organizational posture as a whole.