Current methods of cyber threat intelligence are like a doctor trying to diagnose cancer without blood tests or an MRI. These speculative threat detection methods – risk scorecards, curated alerts, indicators of compromise, etc. – are great if you like vague warnings, but they fall way short if you want hard evidence of actual cyber threat activity. Risk ratings can also be problematic, as false positives and false negatives are common.
APEX™ is like a cyber MRI. It tells you exactly where your network has been compromised, which malware is being used, the threat group behind it, how active the breach is and what it is being used for. It also provides this same level of visibility for your partners’ networks, so you can monitor your entire supply chain for any evidence of emerging risk. With APEX™, organizations get brighter, more intelligent information they can use to drive intelligent business decisions.
APEX™ reverses the normal process of threat intelligence. It doesn’t scan your network for vulnerabilities, hunt for phishing emails or watch for suspicious network activity. These methods are useful as part of a broader defense strategy, but they tend to miss just as much as they detect (if not more) – especially when the attacker is sophisticated, and knows how to fly under the radar.
Instead of trying to detect attacks with guesswork, APEX™ goes directly to the source – the hackers’ own networks. By infiltrating the actual criminal servers that hackers use to launch their attacks and control their malware, APEX™ is able to see directly inside these attacks from the point-of-view of the hackers. This gives your company real-time intelligence and unprecedented visibility into these attacks, with total confidence in their accuracy. Rather than sitting inside your network and waiting for an attack to show itself, APEX™ allows you to do the exact opposite – be on the outside, looking in, by viewing your network through the hackers’ attack chain.
All it takes is one successful breach to unravel a company. Years of hard-earned, expensive intellectual property can be lost in an instant to a foreign rival. Gigabytes of customer data can be exposed, leading to expensive remediation efforts. Financial records can be stolen, costing millions of dollars in fraud.
APEX™ works in tandem with a company’s other security solutions to provide constant, around-the-clock monitoring of successful breaches that may have escaped detection by these other products. This fail-safe detection ensures companies don’t get blindsided by attackers who would otherwise spend weeks or months lingering inside the network, spreading laterally across the company’s operations or staging a backdoor for future attacks. Think of it like insurance for your security spend: APEX™ is there to make sure nothing gets by undetected, and it can also tell you how effective your current security solutions really are. If they’re not preventing these breaches ahead of time, you need to make a change.
Hackers are increasingly targeting corporations through their supply chains. Smaller, weaker vendors provide a backdoor that hackers can use to sneak inside a larger corporation without being detected.
Until now, corporations have had no real way of knowing just how much risk they are being exposed to through their supply chains. Security audits and partner reviews only go so far. At the end of the day, a supplier or vendor can simply choose not to disclose information about cybersecurity incidents. And, in many cases, particularly with smaller companies, the supplier probably doesn’t even know it has been compromised in the first place.
With APEX™, corporations can make sure their partners aren’t hiding something that may put them at risk. Through our exclusive intelligence capabilities, any company can X-ray its entire supply chain to look for active, recent or historical cyber compromise activity.
Unlike threat monitoring products, which deliver a lot of “noise” before they hit on a real alert, APEX™ does just the opposite. It only tells you when a compromise is actually taking place. By avoiding noisy alerts and false positives, APEX™ empowers your network security team to be more effective, work faster and immediately prioritize confirmed threats.
This unprecedented “confirmed compromise” capability means companies can reduce the time it takes to detect a breach from months (the average time is five months!) to minutes. By enabling a rapid response to new threats, companies can dramatically reduce the potential damage – and, ultimately, the cost – of any future breach that should occur.
Compromise Intelligence™ consists of malware communications that completely sidestep your entire security stack in live threat actor campaigns. This counterintelligence is collected not in your network or over the wire but from inside enemy infrastructure. It contains the victim IP address, timestamp, machine name, OS version, malware type, threat actor, campaign, communication type and more.