BETHESDA, MD February 19, 2020 – Fidelis Cybersecurity, a leading provider of Network Traffic Analysis and Digital Forensics and Incident Response solutions, today announced the latest release of the Fidelis Elevate™ platform, which empowers security analysts to know their environment better than attackers and to engage attackers prior to the point of impact.
Fidelis Elevate arms organizations with a streamlined security stack that enables cyber defenders to defeat sophisticated attacks that use a combination of techniques to hide their operation, stage their exploits, evade detection, and leverage network weaknesses. The Fidelis platform integrates network, endpoint and deception defenses, automates and orchestrates workflows, and correlates rich metadata across these security layers to ensure continuous visibility of the cyber terrain, higher confidence detections, and faster response.
In the latest release, Fidelis extends the platform’s capabilities to enable Security Operations teams to more quickly and accurately detect threats and anomalous behavior, while also giving Incident Responders the ability to remotely bring an endpoint to their fingertips. Fidelis maps the cyber terrain, including all managed and unmanaged assets, and attacker TTPs to the MITRE ATT&CK™ framework, while also significantly expanding the use of Machine Learning analytics. Additionally, Fidelis Elevate provides Red Team and Blue Team risk simulations to visualize attackers’ potential lateral movement opportunities between assets. Collectively, these capabilities provide cyber defenders with the critical insights to quickly detect, hunt and respond to threats at every step of an attack, keeping their business operations and data safe.
“We understand the unfortunate reality that a motivated and sophisticated attacker is eventually going to get past protective and reactive defenses,” said Craig Harber, CTO, Fidelis Cybersecurity. “Organizations need the capability to deal with the threat in cyber-relevant time, which means you must fortify your traditional security tools with predictive, proactive, and retrospective capabilities. What we’ve brought to market is a platform that delivers these capabilities to engage the attacker before it becomes a business impacting event.”
Key platform innovations by product line include:
- Map Attacker TTPs to MITRE ATT&CK: Within the Fidelis console, users gain an interactive version of MITRE ATT&CK with identified TTPs mapped to it for improved alert visualization and ease-of-use.
- Machine-Learning Anomaly Detection: Anomalous behavior within the enterprise that is considered high risk can be identified faster via new unsupervised Machine Learning models.
- Risk Simulation: Fidelis allows analysts to visualize potential paths to and from a network device to identify opportunities for an attacker to move laterally.
- Interactive Network Device Map: Fidelis terrain mapping interactively visualizes network device communications prioritized by asset risk to further reduce alert fatigue and enable the analyst to focus on the most important alerts.
- Live Console: Fidelis provides incident responders with direct, remote access into an endpoint’s disk, files and processes, to more quickly mitigate threats found on an asset.
- Map Endpoint Behaviors to MITRE ATT&CK: By mapping endpoint detections to the ATT&CK framework, Fidelis enables analysts to see which tactics and techniques an attacker may be using, as well as determine the proper response.
- Cloud Sandboxing: Fidelis extends its detection capabilities by automatically submitting untrusted executables to the sandbox for analysis. Malicious executables can be added to a blacklist feed to globally block that process. An analyst can also submit executables and scripts to the sandbox for further investigation.
- Enhanced Authenticity of Deception Layer: Customized breadcrumbs, use of real files, complete web site loading and banner configuration enhance the authenticity of the deception layer.
- Faster Decoy Configuration: Fidelis has optimized deception layer configuration by enabling decoys to be configured on multiple subnets with one click, selecting the subnets/assets for breadcrumb distribution based on the asset’s risk and security coverage, and offering support for DHCP and streamlined web site loading.
“While many cybersecurity solutions focus on a point in time, the reality is that the threat is dynamic and always evolving,” said Harber. “Fidelis Elevate provides a comprehensive solution that automatically detects in real-time individual attack techniques and alerts on critical technique sequences which give strong indications of both APTs and potential zero-day attacks, allowing threat hunters to proactively respond to attacks before it’s too late.”
Fidelis Cybersecurity is a leading provider of threat detection, hunting and response solutions. Fidelis combats the full spectrum of cyber-crime, data theft and espionage by providing full visibility across hybrid cloud / on-prem environments, automating threat and data theft detection, empowering threat hunting and optimizing incident response with context, speed and accuracy.
By integrating bi-directional network traffic analysis across your cloud and internal networks with email, web, endpoint detection and response, and automated deception technology, the Fidelis Elevate™ platform captures rich metadata and content that enables real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment. Fidelis solutions are delivered as standalone products, an integrated platform, or as a 24×7 Managed Detection and Response service that augments existing security operations and incident response capabilities. Fidelis is trusted by Global 1000s and Governments as their last line of defense. Get in the hunt. For more information go to www.fidelissecurity.com. Fidelis Cybersecurity is a wholly-owned portfolio company of Skyview Capital.