It’s Time to Transform Your Cyber Defense to Be More Dynamic & Proactive
By Kathy Trahan, May 26, 2022
Erratic and unpredictable adversaries are becoming immune to traditional linear defense approaches. Security analysts, drowning in alerts and information overload, spend too many manual cycles researching, investigating and analyzing configuration guidelines, best practices, and hardening documents that are incomplete and/or contradictory. Without a full understanding of blue team exercises, they are unable to prioritize next steps. Rising mean time to respond gives adversaries more dwell time and breakout time in which to do damage. A lack of effective change control processes, and an unclear picture of the impact of applying a particular countermeasure in a customer’s environment, create friction between security and IT teams.
Summed up, today’s dynamic threat landscape is alive and chaotic. Yet SecOps’ attempts to stay ahead of real-time threats are met with additional chaos. Consider:
- On average, companies with over 1,000 employees maintain about 70 security products from 35 different vendors, according to a report by CCS Insight.
- Unsurprisingly, according to an ESG study, 44 percent of these alerts go uninvestigated due to a combination of talent scarcity and the multiplicity of security solutions generating a huge volume of alerts. The top barrier cited was the sheer volume of never-before-seen malware, with 44 percent of respondents citing this as their key concern. Coming in a close second (30 percent) was the time it takes to investigate threats once they are discovered.
- According to Cybersecurity Ventures, the cost of ransomware damage is expected to reach $265 billion by 2031. Their report predicts that there will be a new attack every 2 seconds, as ransomware perpetrators progressively refine their malware payloads and related extortion activities.
Additionally, SOC professionals’ responses to threats meet with limited success, because previous approaches lack the necessary strategic defensive thinking. What is needed is a highly adaptive framework that guides not only SOC professionals, but also security architects, engineers, auditors and IT admins.
To address the need for dynamic proactive defenses, Trellix is introducing our Adaptive Defense Model (ADM). ADM emphasizes the importance of preparedness and “shifting left” to increase the security stance of an organization before the attack. It provides automated coaching with progressive insights during and after the attack to deliver solid countermeasures that minimize impact.
Unlike traditional linear models, ADM will help CIOs and CISOs identify assets at risk and the actions that mitigate that risk, and increase visibility, detection, and response capabilities against prevalent threats, with a deeper understanding of the why and when of each action.
A new framework and approach
Some well-known cybersecurity models focus on modeling the attacker, not the defender. While they may offer some of the “what and how” to mitigate, they do so from a linear perspective. ADM offers the “when and why” to use defensive tools and actions. The framework is designed to boost SOC preparedness, anticipation and critical thinking.
Dynamic, full attack lifecycle guidance
ADM covers the entire attack lifecycle, offering guidance before, during and after the adversary initiates the attack, and empowering the SOC to address the attacker’s complete actions, end to end.
OODA (Observe, Orient, Decide, Act)
To predict adversary movement effectively, this feedback loop provides continuous guidance based on progressive insights, helping to assure the best security outcomes.
ADM offers intuitive guidance to boost the necessary critical thinking in each attack phase. ADM is focused on quickly driving solid security outcomes: positive attack simulation results, reduced exposure and risk, and improved security.
An example of ADM in action may be seen in the recently released defensive playbook in Trellix Insights.
As SOCs work to stay ahead of the evolving threat landscape, Trellix is pleased to offer this proactive, dynamic defensive approach, shifting SOC teams’ readiness to help defend faster and smarter, with proven best practice guidance. Highly dynamic defense will transform your cybersecurity to become living security. To learn more, read the adaptive defense model white paper.