After more than a year of working with Israeli cyber-security start-up Cybereason, US aerospace and data protection firm Lockheed Martin officially released a cyber-security solution based on the Israeli firm’s technology.
“We often look to our partners to help shape and create best practices and products,” said Angie Heise, vice president, Lockheed Martin Commercial Cyber. “We have been working with Cybereason to do just that. Cybereason’s market-leading endpoint threat detection and response capabilities complement our cyber security offerings, providing customers a solution that is driven by our unique threat feed intelligence and enhanced by our powerful ‘analyst on demand’ program.”
Although known mostly for its defense and weapons work, Lockheed-Martin has a large information technology division – and in fact, the company is the number one IT solutions provider to the U.S. federal government. According to the company, its does nearly $9 billion in cyber-security business annually with clients in the private sector, government, and defense arena.
In 2013, Lockheed Martin, EMC Israel, and Ben Gurion University signed a deal in which the three organizations committed to work together to ferret out promising Israeli cyber-security start-ups, and help them develop their technology into commercial products. One company they came up with was Cybereason, which takes a different approach to cyber-security.
“Most people think of cyber-security as an IT issue, and that if a computer ‘appears’ clean and acts normally, it is,” said Lior Div, CEO of Cybereason. “That isn’t usually the case, though, as hackers can act in a very stealthy manner without the victim of an attack even realizing what is going on.”
Cybereason uses what Div calls silent sensors to discover attacks.
“We use a big data approach, checking every piece of data going into or out of a machine,” said Div. “We collect and analyze the information and present customers with a full snapshot of what is going on at any particular time, and alert them not just to specific anomalies that they need to follow up on, but whether they are actually under the attack.”
Two principles guide Cybereason, said Div; one is that “the system has to be simple enough for all customers, enabling them to understand what is happening and what needs to be done even if they are not experts in security. The second is that “hackers are probably already in your system; there is no way to keep them out, so we don’t even try. The key is to eliminate the attack as soon as it is discovered, and that is what we concentrate on, very successfully.”
The sensor system was one thing Lockheed-Martin liked about Cybereason, and after collaborating together for more than a year, the companies developed and released at last week’s RSA security conference in San Francisco the Lockheed Martin Threat intelligence with Cybereason’s Endpoint Detection and Response (EDR) Platform.
The system place software sensors on all end points within an enterprise, continuously collecting and transparently communicating to the Cybereason Malop Hunting Engine, a big data, behavioral analytics platform designed to reveal malicious operations, otherwise known as Malops.
Customers see the Malops on the system’s Incident and Response Console, so customers know exactly what is happening, and where on the network it is taking place. Lockheed Martin takes this capability to its next logical step, enhancing the Malops Hunting Engine’s data analytics capability with threat feed intelligence from the Lockheed Martin-Computer Incidence Response Team (LM-CIRT) and providing assistance to the end user with help from its “Analyst on Demand” program.
Thus, customers can mitigate cyber-attacks at their root, and better understand the nature of the breach that allowed hackers in, so that they it can be repaired, the companies said.
“The combination of Lockheed Martin’s Threat Intelligence, the Cybereason Detection and Response Platform and Lockheed Martin’s leading Analyst services is a winning trifecta for enterprises combating advance persistent threats targeting their organizations,” said Div,. “Launching Wisdom EDR, powered by Cybereason, is proof positive that market leaders like Lockheed Martin believe in the merits of our enterprise EDR platform to detect and mitigate advanced attacks.”