According to a recent survey released by McKinsey, cybersecurity has become a top concern of the world’s business leaders, who are willing to dedicate adequate funds to address it yet lack appropriate, integrated and effective tools to support fast, fact-based cybersecurity management. The features commonly described as problematic are: a lack of structure, that is, overly exhaustive reports that fail to effectively identify cyber risks; a lack of clarity, that is, overly technical language that fails to convey the nature of cyber risks to top management; and a lack of consistent real-time data, that is, conflicting information from various sources on the level of risk to which assets are exposed.
A holistic approach for better cybersecurity
“A holistic approach to cybersecurity can address these failings.
A holistic approach proceeds from an accurate overview of the risk landscape—a governing principle that first of all requires accurate risk reporting. Thanks to a holistic approach, organizations no longer get lost between the different cybersecurity solutions implemented. The goal is to empower organizations to focus their defenses on the most likely and most threatening cyber risk scenarios, achieving a balance between effective resilience and efficient operations.”
How can this be done efficiently?
- Identify risks and risk appetite
- Analyze and evaluate each risk with regard to its likelihood of occurrence and potential impact
- Process (create an overview of all initiatives undertaken to mitigate the top cyber risks)
- Monitor over time
At TEHTRIS, we decided to improve this situation with a simplified equation, by using this holistic approach. TEHTRIS Endpoint Security agents use automated analysis with robots and Artificial Intelligence engines, building large threat intelligence databases worldwide, on a 24/7 basis. With a living product powered by sharp technologies, TEHTRIS focuses on helping security officers understand, detect and mitigate issues as quickly as possible. TEHTRIS offers a new take on cybersecurity using enhanced endpoint protection, which correlates security events to determine whether something is amiss on a protected workstation or server.
What is an XDR solution, eXtension Detection & Response?
In eXtension Detection & Response, the X has many meanings. First, at TEHTRIS, as in mathematics, the X, the unknown, echoes the slogan “Facing the unpredictable”: our ambition is to provide a detection and response service that comprehensively addresses known and unknown threats. Secondly, the X indicates that it works everywhere, for all attack vectors and surfaces, compared to the E for Endpoint in EDR technology, for example. Finally, the X means that our method is an “eXtended” method, so that our customers and partners benefit from an enhanced detection and response service, much more developed than a simple EDR solution.
eGambit: an integrated and complete tool
TEHTRIS’ eGambit is a complete cybersecurity arsenal that delivers all-round security with high-quality service by deploying integrated proprietary on-premise and cloud-based software combining asset inventory, security audits, SIEM, NIDS, Endpoint Detection and Response, Honeypots, and Forensics, with unified machine learning enhanced SOC analytics. These services are coupled with security threat monitoring, breach assessment, and incident response.
The eGambit Endpoint Security agent, running on UNIX and Windows, is one of the key components provided in the full eGambit product. It performs a real-time analysis of each piece of active code running on the protected endpoint, leaving goodware alone and killing malware. In case of doubt, the unknown active code is sent to a set of tools to determine its level of danger and decide on the action to take. The product comes with an application that centralizes security events throughout the infrastructure in a unified console. eGambit also offers advanced features like the SIEM for the endpoints and remote audits (network, vulnerabilities…). Companies that choose to improve their IT security with eGambit Endpoint Security often strengthen it with eGambit SIEM, which offers security complements such as firewalls, proxies, servers, antiviruses, and the like. These events are collected and centralized in a local and secured appliance for further investigation and, if need be, for evidence purposes. Consultants and customers can check for wide patterns and low signals indicating a stealthy attack. The Endpoint Security agent uses automated analysis with robots and AI engines, building large threat intelligence databases that function round the clock across the globe. TEHTRIS consultants help clients structure their cyber risk management approach in a frictionless, holistic way, moving their investment in the eGambit arsenal from a technical to a business-driven approach.
A protection beyond borders
TEHTRIS’ eGambit arsenal adapts to both Fortune 500 companies’ needs for absolute security and small and medium-sized businesses’ requirements for cost-effective detection of incidents. For example, the best results were obtained on the infrastructure of a customer working in 15 countries (in different time zones and with tight operational constraints). TEHTRIS was able to protect the worldwide Windows environment in less than 1 week. The eGambit Endpoint Security agent currently protects customers in countries like the US, Canada, the UK, Brazil, China, Saudi Arabia, Czech Republic, Luxembourg, Spain, Belgium, and France.