WatchPoint Security Blog

EDR | EndPoint Detection and Response

Written by Greg Edwards | May 31, 2016

Why do breaches continue to happen?

Companies are spending billions of dollars to prevent data breaches, yet breaches still occur every day. In all of the recent major breaches, forensic evidence existed to piece together what happened. Those bits of information about the breach existed in real time as the breach was happening, but no person or system was putting the pieces together.

Major Breaches

Target – 70,000,000 Records

Anthem – 80,000,000 Records

Ashley Madison – 37,000,000 Records

Sony – 100TB of Data

OPM – 4,000,000 Records (US Government Employees)

The Problem and the Solution

The solution is to intelligently correlate the forensic data in real time and take swift action on that information before an incident becomes a breach. The problem is that no one is looking for it. If the forensic data exists after the fact to determine what happened, then it existed in real time, but no one did anything about it.

Do Something About It

There is no excuse for allowing a data breach on your network. Solutions exist to analyze, correlate and alert on the forensic bits of data as they pass across your network.

Solutions:

Bit9 - Carbon Black

Alert Logic

Tanium

Bay Dynamics

CrowdStrike

The problem for small and medium-sized businesses is that these solutions are designed for large enterprises and have a high barrier to entry: cost. You also must have the expertise to respond appropriately to the alerts as they happen.

WatchPoint recognizes and eliminates these barriers with a low-cost monthly solution for your business to implement Carbon Black. All of the complex alerting logic and the implementation process are handled for you. Response and remediation are handled by our 24/7 Security Operations Center.

Whether you are a large enterprise or a ten-user firm, there is no excuse for being hacked. Solutions exist today to stop cybercriminals in their tracks.