Intelligent CISO Issue 13 | Page 12

news Forrester names BlackBerry Cylance consulting a strong IR performer lackBerry Cylance, a business unit of BlackBerry Limited, has announced that Forrester Research has selected the company as a strong performer in the recent Forrester Wave report covering cybersecurity incident response (IR) services. The global report highlights the BlackBerry Cylance consulting team’s well-defined processes to ensure effective incident response. The Forrester Wave report is an in-depth assessment of 15 of the most significant cybersecurity IR services vendors across 11 criteria. BlackBerry Cylance Consulting achieved the highest possible score for incident response, supporting products and services, average hours per response and industrial control systems (ICS). B “We’re so pleased to see Forrester reinforce the effectiveness of our proven AI incident response methodology based on containment, remediation and prevention,” said Corey White, Chief Customer Officer at BlackBerry Cylance Consulting. “Our expert consultants work quickly to not only resolve incidents and restore operations, but also to leverage BlackBerry Cylance’s first-of-its-kind Artificial Intelligence to get ahead of the kill chain and prevent incidents before they happen. Our ability to rapidly quarantine known and unknown malware, deploy sophisticated detection rules and support AI-driven automated response, gives customers the predictive advantage they need before any data, systems or reputations are damaged.” 12 KASPERSKY LAB ANNOUNCES ENHANCEMENTS TO APT INTELLIGENCE REPORTS aspersky Lab has enhanced its APT Intelligence Reports with contextual information related to advanced persistent threat (APT) actors. K The company has also added mapping to the MITRE ATT&CK threat model for previously discovered attacks. These improvements help security operations teams subscribed to the APT Intelligence Reporting service better understand adversaries’ goals, techniques and capabilities. This allows them to connect incidents with a threat actor to improve their understanding of the motivation behind a specific attack. Teams will also be able to predict the attacker’s next steps, to better protect themselves from future incidents. The APT reports from Kaspersky Lab now provide an overview of each APT group, including country of origin, aliases, list of previous targets and victims, as well as the typical tools and descriptions of past campaigns. The reports also include links to additional resources, specific Indicators of Compromise (IoC) and YARA rules, to help organisations detect these attacks. Previously discovered APT campaigns are mapped to MITRE ATT&CK, a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. Experts break down the attacks into several phases in accordance with the PRE-ATT&CK and ATT&CK Enterprise matrixes, showing which tactics and techniques were leveraged at every stage. Issue 13 |