CyberHat is a leading cyber security solutions company, specializing in: Security Operations
Centers, Security Assessment, Advanced Hacking Simulations, Cyber Intelligence and a wide range of
professional solutions.
Cyber Readiness Assessment
Hacking Simulation
Offering
Incident Response
A sense of what we have already achieved
The Platform Today
SIEM optimization (Only for CORE and ONE delivery solutions)
Implementing CyberHat’s best practices for monitoring and detection capabilities, reducing false alarms
Monitoring Team
Monitoring the organization’s network traffic, devices, systems and applications 24/7 for cyber-security events, and managing cyber incident events in near-real time
Incident Response Team (IR)
Experienced and on-demand team to provide an immediate and effective response to any critical cyber incident
Threat intelligence
Constantly search, aggregate, analyze and report
DFIR: Data Forensics and Incident Response
Escalations to CyberHat’s experts when needed
CYREBRO Labs
Worrying about the future - identifying and developing new techniques for detection and response
24/7 Coverage
Technology Agnostic
In-House Threat Intelligence
Advanced Forensic Capabilities
Short & Effective Onboarding Process
Unique SIEM Optimization Methodology
Multilayer Monitoring and Response Center
Managing and Operating Existing SIEM Technology
Utilizing existing SIEM technology for ideal monitoring
Optimization of SIEM processes, existing rules and correlations from a practical and offensive point of view
Tier 1 – Tier 4 capabilities
Updating and streamlining flight guides and run books
24/7 Incident Response team
Personal customer experience and clear SLA
Weekly / Monthly reports
CYREBRO Core
Full SIEM Technology and Service Solution
Includes fully licensed monitoring solution
24/7/365 monitoring coverage
Tier 1 – Tier 4
In-house Incident Response Team
Deployment and integration of solution
Defining and executing customized rules and correlations, based on client security needs
Personal customer experience and clear SLA
Weekly & Monthly reports
CYREBRO One
Identify lateral movement between computers in the network
Identify abnormal administrative activity on cloud services
Assist in preventing data leakage from the cloud
Identify activity of local and domain accounts
Detect intrusions and infections by identified persistence methods, known patterns and IOCs
Identify brute-force attempts on endpoints and servers, at the OS and application level
Identify account misuse by multiple different users or by generic accounts
Enable more efficient forensics and post-mortem investigations
One Click Installation: No need for complicated installation, integration or deployment
Cost effective: Priced per machine, so small and medium companies pay low prices per their size
Scalable: CYREBRO X utilizes proven technology for unlimited scalability
Coverage of machines outside the domain: Even traveling laptops are covered
Technology Agnostic: Supports all O.S – Win, Linux, MAC, BSD.
Size agnostic: Ability to deploy on any organization from large to small (no minimum network requirements)
Identity protection: Covers end points and external cloud services together
Stability: Doesn’t require high IT infrastructure maturity – works on the O.S level
SIEM: Security Information Event Management
EDR: Endpoint Detection Response
MDR: Managed Detection Response
Easy installation
Coverage of singular machines
Covers Cloud machines
Suited for production
Effective without Local Professional
Functions in unstable IT
Wisdom of the Crowd
Every single event handled anywhere in the world by a single agent on a single machine is processed in CYREBRO X’s central engine and automatically applied to every relevant machine around the world in real time.
Technical Breakdown
Managed SOC
Logging and Analysis of data, Rules and correlation alerting
Cloud
Client’s network
Working out of the office
Working out of the Country
Working from home
Detection and Investigation
Response recommendation
Working on the cloud
Supports
• Windows
• Linux
• Mac OSX
• CoreOS
• FreeBSD
• Utilize a fully operational SOC-as-a-service solution from day #1
• CyberHat backs up the partner’s SOC operation from IL until the local SOC is ready to go
BUILD | OPERATE | SHARE
CyberHat’s Build, Operate and Share (BOS) model is unique: CyberHat can quickly establish a new SOC operation, with CYREBRO acting as the infrastructure behind the newly architected SOC service. This model works for customers who want to build an on-premise SOC operation and do not have one, or who would like to mature an existing SOC to expand its capability. We design, architect and train the new operation, while continually optimizing the operational assets with the most up-to-date security defense trends. In essence, CYREBRO becomes the “Intel Chip” of the operation.
Agreement signup
Operational SOC, executed fully from IL
1W
Local SOC T1-Handover
5-6M
• Full T1 – T4 service, 24/7, from CYREBRO IL
• Full 24/7/365 I.R. coverage
• Threat intelligence
Ongoing
Expert Tier 2-4 and IR team support from IL
Setup Local capabilities
• Build and setup of local SOC
• Assistance in recruitment of local T1 analyst
• Training for T1 CYREBRO certification
LOCAL SOC ROAD MAP
Cyber Readiness Assessment
Based on years of practical offensive expertise, we designed and built a unique professional assessment that provides clear and tangible insights into an organization’s cyber defense capabilities. We evaluate a client’s security readiness and provide a roadmap of remedial actions which addresses three core elements:
Resilience
The organization’s ability to defend against and identify an attack at early stages
Response
The organization’s ability to effectively block, contain and handle an attack
Recovery
The organization’s ability to recover from a cyber attack
Hacking Simulation
CyberHat’s Hacking Teams bring state-level expertise to simulate real-life motivated hacking groups. Through a highly sophisticated simulation, we target critical assets of an organization, utilizing all potential vectors relevant in real-world scenarios: social engineering, reconnaissance, circumvention of external-facing interfaces and more.
• Black box test
• Most realistic exercise of a real targeted attack
Incident Response
CyberHat’s Incident Response solution offers Israeli professional cyber forensic investigation teams, with years of hands-on experience and deep understanding of host forensics, network protocols, cloud infrastructure, malware, hackers’ propagation techniques and attack scenarios.
The team specializes in conducting deep forensic investigations to identify a cyber incident’s source and execute actions to block and recover from it.