CyberProof: Risk-Based Managed Security Services for Rapid Threat Remediation

Follow CyberProof on :

Tony Velleca, CEO
Today, enterprises are focused on buying more cybersecurity products creating more and more data however it is difficult to see the outcomes achieved in terms of security. They spend a lot of money to patch each of their vulnerabilities but find it difficult to prioritize this long list. “One client told us that it is like spreading butter across the whole slice evenly, which is not the best way to address cybersecurity,” remarks Tony Velleca, CEO at CyberProof. It has become imperative for enterprises to change this approach to ensure their cybersecurity investments are worthwhile. CyberProof realizes that the right approach is to analyze the biggest breach risks and focus investments on managing vulnerabilities, building detection rules, and improving responsiveness when an attack occurs. To do this, an organization must look at each vulnerability, each alert and respond using a “risk prioritized” approach. The best use of AI technologies, in CyberProof’s view, is to collate, contextualize, and analyze alerts and vulnerabilities to allow quick response in a prioritized, pre-defined, and, where judicious, automated manner. To this end, CyberProof offers customers visibility into their security operations and gives them the ability to improve the effectiveness of their cyber defense. “We help our customers to understand the impact of their cyber spend while continuously reducing their risk. This ensures that risk is crystal clear and their cyber investments make sense,” says Velleca.

Enterprise CISOs often use Managed Security Solution Providers (MSSPs) to sift through the large number of events and escalate alerts. The problem is that most operate as a black box. There is a lack of transparency and context that limits the proper response. For this, CyberProof created a custom-built orchestration platform that correlates data to enrich alerts with additional information and enable visibility into vulnerability management, detection, and response.

CyberProof has developed SeeMo—a virtual security analyst that leverages its AI investments. SeeMo is a learning Bot who takes on more and more of the threat detection, analysis, and response tasks. “With SeeMo, a customer can automatically enrich event data, identify the most important alerts and accelerate incident response time,” says Velleca.
When an alert comes in, SeeMo automatically provides context. For example, the IP address may be defined as a user, the network, and as part of a system to help determine its “risk” and prioritized. The platform then creates digital playbooks aligned to these smart alerts based on its priority and thereby minimizes response time. Experienced security specialists augment client teams to help respond to these threats. “We bring the best of both worlds together. While SeeMo helps detect, enrich, analyze, and anticipates potential threats; our dedicated security specialists determine the best course of action and turn this into digital, repeatable playbooks. The result is lower cyber risk and worthwhile cyber spend,” remarks Velleca.

CyberProof focuses on three measures of cyber security risk and practically uses these measures as the basis of prioritization. These risks are (1) vulnerability risk, (2) detection risk, and (3) response risk. In other words, how vulnerable am I to the most damaging attacks, can I see these attacks when they happen, and how quickly can I respond and mitigate the damage. The MITRE ATT@CK framework is utilized by CyberProof to align these risks down to the attack technique level. In this regard, CyberProof helps its clients evaluate their risks in relation to the well-known kill chain. For a cyber attack to take place, it must go through the entire kill chain. Looking at vulnerabilities using this framework helps customers prioritize their work. “By proactively managing the vulnerabilities, our customers are able to fix the most important vulnerabilities first,” adds Velleca.

One client, a financial institution, was overloaded with vulnerabilities. CyberProof helped this client prevent a potentially disastrous ransomware attack by addressing the most important vulnerabilities first in addition to helping to work down the backlog by adding engineers.

Velleca envisions a future where SeeMo and the CyberProof platform provide clear measures of cybersecurity risk that are used by Board members to understand and make the right decisions on how to manage this risk most effectively—with residual risk being addressed with cyber insurance. “Cyber security is a fast-changing, cold-war-like problem. We believe that, working with the top CSOs, SeeMo can learn and adapt quickly and provide a capability to focus resources in the best way to reduce risk,” concludes Velleca.

Company
CyberProof

Headquarters
Aliso Viejo, CA

Management
Tony Velleca, CEO

Description
Managed Security Services that leverages a risk-based approach to cybersecurity to proactively detect and eliminate cyber attacks

CyberProof