Datasheet DeCYFIR 10-Jan-2022

Download as pdf or txt
Download as pdf or txt
You are on page 1of 8

DATA SHEET

DeCYFIR
TM

The cyber-ally for defenders to mitigate external threats and fend off
cyberattacks

DeCYFI R is a SaaS-based external threat landscape management platform designed to


defend your organization by uncovering your attack surfaces, building your digital risk
profile, and using personalized cyber-intelligence to predict imminent attacks.

With DeCYFI R, clients receive a single pane of glass to their external threat landscape
and know exactly the counter measures needed to close security gaps. They can deploy
their cyber defenders and resources to where they are most needed and keep attackers
at bay.

DeCYFIR is a non-intrusive cloud platform


At t ack Surface Discov ery
that provides quality cyber-intelligence that
meet the following stringent criteria:

Predictive insights that give early warnings Vulnerability Intelligence


to clients on cybercriminals targeting them.

Personalized intel that is catered to client’s


industry, technology and geolocation. Brand Intelligence

Multi-layered intelligence that


comprehensively covers strategic, Digital Risk Discov ery
management and operational layers.

Contextual insights that connect the dots


between hacker, motive, campaign, and Situational Awareness
method.

Outside-in view provides insights into the


Cyber- Intelligence
external threat landscape so that client
can see from the hacker’s lens.

With DeCYFI R, clients are provided w ith a set of prioritized remediation to prevent a
breach from occurring.

DeCYFIR is the unified external threat landscape management


platform providing attack surface discovery, vulnerability intelligence,
brand intelligence, digital risk protection, and situational awareness.
© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 1
TM
DeCYFIR

KEY FEATURE DESCRIPTION BENEFITS

Predict impending cyber-attack targeting your Early warnings and alerts to


PREDICTIVE organization and subsidiaries before cybercriminals help you prepare against
can cause harm your business. attacks

Data points and insights are tailored to match the


Remov e noise and reduce
PERSONALIZED technology you are using, industry you are operating
false positiv es
in and your geolocation.

We present complete contextual details related


indicator of compromise [what is it, background
Giv es deep understanding of
details, malicious / non malicious, location details,
CONTEXTUAL cyber threats so as to mount
what it is being used for [C&C, hoop to attack,
effectiv e defence strategies
malicious hosting site] affiliation cybercrime
campaign, cybercriminals.

Detailed insights into your external threat landscape -


who are the cybercriminals interested in you, their Comprehensive view to ensure
CYBER-INTELLIGENCE motiv ation, what do they want from you, when can cyber-defenders are not blind-
they attack and how are they going to attack, tools, sided
techniques they can use.

Awareness of attack surfaces


Proactively identify exposed external assets, shadow helps you identify a potential
ATTACK SURFACE DISCOVERY IT, forgotten systems and more which can be path of attack, and you can
exploited by cybercriminals. take steps to reduce and
mitigate risk.

Identify weakness into your external assets, Helps prioritize patch


VULNERABILITY INTELLIGENCE understand how cybercriminals are looking at management programs and
exploiting identified v ulnerabilities. remediation

Identify cases of infringement, impersonation related Reduce the risk to your brand,
BRAND INTELLIGENCE
to brand, product, solution, and people products and solutions

Understand trends and new threats in your industry,


Reduce the risk to your brand,
SITUATIONAL AWARENESS technology stack you are using and geography
products and solutions
where you are operating

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 2


TM
DeCYFIR

KEY FEATURE DESCRIPTION BENEFITS

Reduce risk of cy bercriminals hurt ing


Proact iv ely ident ify dat a leaks, breaches, leaks,
DIGITAL RISK PROTECTION y our brand or used against y ou for
impersonat ion t o
new cy berat t acks

• Ex ecut iv e View is a risk-based approach meant for


Ex ecut iv es t o quickly underst and ex t ernal risk
ex posure and chances of being hacked Cat ers across hierarchies and
TAILORED DASHBOARD • Management View is t he guided approach on funct ions so ev ery one is on t he
sy st emat ic remediat ion process same page
• Operat ional View present s y ou w ith t echnical
det ails of findings and remediat ion

Search capabilit y helps y ou t o search for t hreat s,


I nst ant ly address pressing queries
HEURISTIC SEARCH cy ber-at t acks, breaches, t hreat act ors, malw are, and
relat ed t o ex t ernal t hreat s
phishing campaigns from a single plat form

Enable y ou t o quickly obt ain holist ic


v iew on how a v ulnerabilit y could
Risk dossier show ing correlat ion t o I OCs, v ulnerabilit ies,
RISK DOSSIER be ex ploit ed v ia specific campaign,
at t ack surface, digit al risk, and more
and t he cy bercriminals behind it .
U nderst and impact on y our asset s

Tailored alert cent er t o underst and w hat is t he most Helps y ou t o quickly priorit ize
ALERT CENTRE
import ant t hreat s and risks t o y our organizat ion remedial act ions

W e offer t ake dow n serv ices w ith 3 RFI s a mont h under


w hich w e deliv er int elligence-based research, deep W e help y ou mit igat e t he risk w it h
TAKEDOWN SERVICES
div e report s on t opics, incident s, ev olv ing cy ber t rends concret e act ions
ident ified by y ou

I ncident response using DeCYFI R


You can int egrat e t he insight s using STI X and TAXI I int o int elligence hunt ing capabilit y
INTEGRATION WITH SECURITY CONTROLS
y our securit y cont rols prov ides complet e cont ex t ual
det ails

I ncident response using DeCYFI R int elligence hunt ing Speed up incident response w it h
INCIDENT RESPONSE
capabilit y prov ides complet e cont ex t ual det ails complet e ex t ernal t hreat analy sis

▪ W e help y ou monit or y our 3 rd part y using t heir ▪ Secure y our digit al ecosy st em
THIRD-PARTY RISK DISCOVERY AND domains, no need for complex and int rusiv e and gain v isibilit y t o 3 rd-part y
MONITORING implement at ions. cy ber risk.
▪ Map out t heir digit al risk profile and gain ▪ Discov er w eaknesses in y our
aw areness on w het her t hey hav e suffered any supplier’s digit al asset s.
dat a leaks, v ulnerabilit ies ex posed, and more ▪ Be aw are of 3rd part y ’s cy ber risk
post ure and underst and how it
could impact y ou.

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 3


EXECUTIVE VIEW
DeCYFIR’s dashboard is a decision tool for executive leadership helping them
understand the shifting dynamics and accelerate critical decision-making.

Executiv e dashboards to Risk and Hackability Telemetry of Ov erview on cyber


help leaders understand Scores for quick scan key statistics threats that matter
shifting dynamics and of threat landscape to your organization
accelerate critical
decision-making

Understand Critical threat


Risk and indicators show
Hackability up distinctly on
Scores and dashboard to
Trends facilitate timely
and accurate
decision making
Real-time v iew
of External Threat Deep insights
Landscape attributing
threat actor,
motiv e,
campaigns
and impact

Prov ides Situational Aw areness on w hat is


happening globally and how these changes
could be a threat to organization’s digital
profile. Understand the risks that could be
coming your w ay as possible threats.

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 4


MANAGEMENT VIEW
The best -practice systematic approach for security management facilitates risk
mitigation with step-by-step guidance. DeCYFIR methodically uncover attack
surfaces, vulnerabilities, attack methods, digital risk exposures, dark web
observations, and provide situational awareness.

Take swift actions to Systematically o Attack surface o Digital risk exposures


mitigate risk with step- uncover: o Vulnerabilities o Dark web observations
by-step guidance
o Attack methods o Situation awareness

1 IDENTIFY ATTACK SURFACE IDENTIFY ATTACKERS’ POTENTIAL ENTRY POINTS

WHERE ARE THE DOORS Counts informs you of the


AND WINDOWS TO GET IN latest exposures in last 7
days
• Help client Identify assets such as
Attack Surface provides
domain, sub-domain, IP address
doors& windows through
range, software versions, which hackers can access
vulnerabilities, and more, which your organization
are exposed to hackers Trends depict how you are
• Help client obtain a full view of faring in a particular time
period for each category
attacker-exposed assets, consult
methods and evaluate Detail View of an indiv idual
organizational risk attack surface, tells you the
sev erity and related
• Help clients establish an attributes
effective security strategy

SECURITY LEADERS BECOME PROACTIVE RISK


2 DISCOVER VULNERABILITIES ADVISORS RATHER THAN REACTIVE

KEYS TO ‘DOORS’ AND ‘WINDOWS’


CRIMINALS CAN EXPLOIT 3 mont hs t rending helps
manager t o underst and
• Help client see from cyber- w hich of t heir asset s are
attacker’s point of view more v ulnerable

• Understand weakness and List of Crit ical


v ulnerabilit ies in t he last 3
potential points of
mont hs t hat t he
compromise organizat ion should be
looking out for
• Vulnerability intelligence
can be used to build Det ails/at t ribut es of t he
crit ical v ulnerabilit y
threat models and security
planning

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 5


ENHANCE SECURITY TELEMETRY WITH DEEPER INSIGHTS
3 UNDERSTAND ATTACK METHODS INTO POTENTIAL ATTACKS

UNDERSTAND HOW Latest Phishing attacks


HACKERS INTEND TO correlated to your
organization
BREACH YOUR
ORGANIZATION TO MOUNT Important for Managers to
AN EFFECTIVE RESPONSE v iew the Lists of most
recently released Malwares
by Hackers that can be
• Know the methods and hazardous to your
tools deployed by organization,
adversaries
Cyber attacks are often
• Receive intelligence on lev eraged by threat actors
campaign details at the as part of a coordinated
early stage of planning campaign against your
organization
Extensive listing of relev ant
Indicators of Compromise -
MD5, SHA, IP, DOMAIN,
HOSTNAME, URL, EMAIL, CVE,
EXPLOIT, MUTEX, FILE, SSL, etc.

AI ENGINES UNCOVER EVIDENCE INDICATING CYBER


4 DARK WEB OBSERVATIONS RISK AND ATTACKS TARGETING YOU

GO TO THE HACKER’S
TRENCHES AND
UNCOVER EVIDENCE OF
POTENTIAL ATTACKS

• Stay ahead of
cybercriminals by
gaining insights to
threat indicators
• Give yourself a head
start with actionable
cyber-intelligence
• Activate an effective
defense strategy with
timely intel

Threat Intel assets gathered from


Deep/Dark Web and hackers forums,
closed communities

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 6


ADAPT SECURITY ARCHITECTURE WITH DIGITAL
5 DIGITAL RISK PROFILE RISK CONTEXT

All the online entities that are


TAKE BACK CONTROL impersonating organization’s
OF YOUR DIGITAL digital profile and assets
LANDSCAPE based on the domain name
prov ided.

• Uncover brand/product Digital profiles which have the


infringement potential to bring disrepute to
your brand.
• Expose executive
impersonations Know what data have been
breached from your organization
• Be the first to know when
that hackers can potentially use
data leaks breaches, and to attack you. This can include
impersonations have files/usernames/passwords, etc.
occurred
• Mount a defense strategy to Hackers can exploit these
v ulnerabilities, attack vectors,
prevent recurrence
bring disrepute to your
organization, exfiltrate sensitive
data, and more.

ACHIEVE HIGHER LEVELS OF EFFICIENCY,


6 SITUATION AWARENESS EFFECTIVENESS, AND ACCURACY IN DECISION-MAKING

GAIN CONTROL OF Ev en in the best-funded, most


FAST CHANGING mature organizations, there are
LANDSCAPE BY information gaps in knowing what
the current state is and what it
UNDERSTANDING should be. This is where situational
EMERGING THREATS awareness becomes a necessity
to guide critical decision-making.

• Arm yourself with Arm your organization with the


relevant latest dev elopment in the cyber
threat landscape and understand
information to its impact to your business.
latest cyber-
attacks in your Risk scoring for specific insights
industry, changes to help prioritize resources to
to cyber laws attend to risk and threats.
and other
Graphical representation of types
essentials
of threats and malware for quick
• Insights to guide update on threat landscape,
strategic, v iew by geography, industry and
technology lens.
management
and tactical Insights are curated just for the
decision-making organization, relev ant to the
geography, industry and
technology used.

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 7


OPERATIONS VIEW
DeCYFIR allows operations team to see through the clutter and identify
vulnerabilities that need immediate attention.
The Hackability Score quantifies the probability of client organization’s
digital profile and assets being hacked, considering recent malicious
dev elopments in client organization’s external threat landscape.

The Risk Score signifies the lev el of risk applicable to client organization
in the wake of recent dev elopments in the external threat landscape.

Threat actors, their campaigns and impact to your organization

With ov er several hundred thousand software, middleware and hardware


running in an enterprise, it is a complex job to keep the systems patched.
DeCYFIR provides a full inv entory of all your affected systems and
respectiv e vulnerabilities. Vulnerability management is prioritized on the
basis of potential impact and ease of av ailability of exploits.

DeCYFIR uncovers Digital Risk, specifically, data leaks, breaches, brand


infringement, impersonation, exposure in social/darkweb/etc.

Monitoring of exploit av ailable for specific v ulnerabilities, on surface


web as well as dark web, allow security operations team to see through
the clutter and identify the v ulnerabilities which require immediate
attention.

PRIORITIZED, RELEVANT AND TACTICAL MITIGATIONS FOR SOC TEAMS


Monitoring of exploit av ailable for specific
v ulnerabilities, on surface web as well as dark web,
Operations Teams can optimize resources, allow security operations team to see through the
increase efficiency and effectiveness
clutter and identify the v ulnerabilities which require
Delivering actionable insights on vulnerabilities, immediate attention.
IoCs, and hashes that are relevant to your
industry, geography, and technology
DeCYFIR validates an indicator and connects
individual indicators with campaigns, threat Extensive listing of relev ant Indicators of Compromise -
actors, techniques MD5, SHA, IP, DOMAIN, HOSTNAME, URL, EMAIL, CVE,
EXPLOIT, MUTEX, FILE, SSL, etc.

ABOUT CYFI RMA


CYFI RMA is an ext ernal t hreat landscape manage me nt plat form co mpany . W e co mbine cy ber
int elligence w it h at t ack surface discov ery and di git al risk prot ect ion t o deliv er predict iv e, personalized,
cont ex t ual, out side-in, and mult i-lay ered insight s. W e harness o ur clo ud- based AI and ML-pow ered
analy t ics plat form t o help organizat ions pro act iv ely ident ify pot ent ial t hreat s at t he planni ng st age of
cy beratt acks. Our unique appro ach of prov iding t he hacker’s v iew and deep insig ht s int o t he ex t ernal
cy ber landscape has helped client s prepare for upcoming at t acks.
CYFI RMA w orks w it h many Fort une 5 00 co mpanies. The co mpany has offices locat ed i n U SA, Japan,
Singapore, EU and I ndia.
ht t ps://w ww.cyfirma.com/ ht t ps://w ww.cyfirma.jp/

© CYFIRMA 2022, ALL RIGHTS ARE RESERVED. DATASHEET | 8

You might also like