Enhancing cyber posture

Necati Ertugrul, Chief Strategy Officer, CyberCyte discusses the company’s focus on threat hunting and attack surface management

Elaborate on the focus areas of your solutions.

Our solution is an MDR Blue Team platform for threat hunting and asset attack surface management. The solutions can be deployed on-premises or on the cloud. The platform enables forensic analysis and asset management and helps to identify cyber risks faster and easier through a zero-trust model. The platform monitors every communication for complete protection from end-users, data centers, cloud platforms, e-mail applications and OT devices to block any unverified communication attempt or the device inside the network.  We enable the discovery of active threats and even hidden threats that are currently not active in the IT infrastructure. Malicious traffic, uncompliant artifacts, and unknown activity not detected by the existing security controls are identified in hours through gap analysis.

How does your solution help with correcting the configuration gaps?

Besides enabling the discovery of unknown threats, based on the artifacts or information we collect, we enable the discovery of configuration gaps as well. It is a complete platform to identify active and passive threats as well as configuration gaps in the IT infrastructure. Based on artifacts, we can create scenarios to detect configuration gaps.

We use industry standards to identify the recommended baseline for configuration within the IT infrastructure and discover any configuration that is not compliant with the recommendations. We also implement the Sigma rules, Yara rules, and also elastic query and language rules so that these rules are executed to identify these threats. We are a kind of SIEM for forensic artifacts. Based on that data set, we also enable remediation.

How are compliance issues in the network taken care of?

We report on compliance issues and applications that are vulnerable. There are security controls applied to them. We enable automatic remediation and execute these actions so that the infrastructure becomes automatically compliant with these recommendations. The execution of the compliance recommendations is automated in the IT infrastructure.

How can your solution be deployed?

It is a service at any level, and it can be fully deployed on the premises or can be deployed by the MSSP or the service provider. All components of CloudCyte are based on virtualized containers enabling scalability without requiring complex resource planning.

How do you see the demand for your solution growing?

We now have very key reference customers. We have deployed our solution in large-scale networks globally. There are very active POCs going on in Banks, Manufacturing companies, Entertainment companies, and many different verticals. We are addressing a problem that is common across networks testing if their security infrastructure is working, the way it is supposed to. We help you assess and enhance your cyber security posture.