Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Israeli security startup firm Hexadite automates cyber incident response

Lucian Constantin | July 2, 2014
Technology developed by an Israeli security firm called Hexadite promises to help companies reduce cyber incident response times by automating security breach investigation and remediation.

Technology developed by an Israeli security firm called Hexadite promises to help companies reduce cyber incident response times by automating security breach investigation and remediation.

The company's product, called the Hexadite Automated Incident Response Solution (AIRS), is currently being tested by several U.S. and Israeli-based companies and is expected to be launched around October.

However, companies interested in the technology can request a demo starting Tuesday and then potentially join the beta program, said Hexadite's co-founder and CEO, Eran Barak.

Large enterprises have a wide range of security products running on their endpoint systems or networks, including anti-malware programs, data loss prevention (DLP) systems, firewalls and intrusion detection systems (IDS). These are further complemented by security information and event management (SIEM) products that analyze data from various applications and systems inside the organization and generate alerts.

Traditional approaches to cyber incident response involve a lot of manual intervention from enterprise IT security teams who have to look at every alert, decide whether they're valid security breaches and take steps to remediate them, if necessary. However, the increasingly large number of cyber attacks and the systems deployed to detect them often leave security teams with the task of dealing with hundreds or even thousands of alerts on a daily basis.

According to Barak, this typically results in backlogs causing the average security breach response times of many organizations to range from several days to weeks.

Bloomberg Businessweek reported in March that the data breach at retailer Target data that resulted in the compromise of 40 million credit and debit cards could have been limited if the company's security team in Minneapolis would have reacted in a timely manner to a malware alert from a detection system installed on the company's network.

Hexadite's goal is to reduce cyber incident response times by using proprietary algorithms to automatically respond to security alerts generated by various detections systems. AIRS can investigate, contain and remediate security breaches, as well as rule out false alarms, reducing the time required to resolve an incident by up to 95 percent, the company says.

The product will be made available as a virtual appliance that can be installed on existing hardware. Once it is up and running it is able to perform administrative tasks on the network and endpoints using protocols that already exist and specialized proprietary tools, Barak said.

As an example of how AIRS works, Barak described how it handled a security incident on the network of one of the companies that are currently testing the product. The incident involved an employee from the human resources department opening a malicious PDF file from a phishing email that installed a malware program on his computer.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.