SIM2K is now able to offer advanced cybersecurity tools through our partnership with Huntress Labs. Huntress finds and stops hidden threats that can bypass preventive security tools to protect you from today’s determined cybercriminals.
Huntress provides an underlying layer of managed detection and response, so you can be defended against malicious footholds, ransomware and more. Their human-powered threat hunting goes beyond automation, providing the hands-on support and expertise needed to stop advanced attacks. It is a Cloud-delivered managed breach detection service designed to accelerate security adoption, provide deeper visibility and enable faster response to constantly evolving security challenges.
Huntress enables finding and stopping hidden threats that sneak past preventive security tools. By focusing on a specific set of attack surfaces, vulnerabilities and exploits, their platform helps SIM2K protect our customers from persistent footholds, ransomware and other attacks.
Huntress offers a unique combination of automated detection and human-powered threat hunting, so that even the most sophisticated attackers won’t stand a chance against security defenses.
Unfortunately, hackers are getting smarter. Rather than mounting a direct attack, cybercriminals are abusing legitimate applications and processes to slip into your systems undetected. Once inside, they establish a quiet foothold for their next move – often the deployment of malware to cripple systems, or ransomware to encrypt and steal sensitive data. Huntress detects these footholds to identify – and eliminate – persistent actors that are dwelling in protected environments.
Huntress also protects against ransomware. There is a reason ransomware is such a popular tool in the modern hacker’s toolbox: it is highly effective. The sooner ransomware can be detected, the more likely it is that it can be stopped from spreading and taking down an entire network. Huntress uses what it calls “Ransomware Canaries” (like the old canaries in a coal mine) to enable faster detection of potential ransomware incidents. These are small, lightweight files that are placed on all protected endpoints. If those files are modified or changed in any way, an investigation is immediately opened with their ThreatOps team to confirm whether those changes are the result of a ransomware attack or malicious encryption.
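To make the canary idea concrete, here is a short Python sketch added for illustration; it is not Huntress code and does not describe how their agent works. It plants decoy files, records a SHA-256 baseline, and reports any canary that is later overwritten or renamed. The file names and finding labels are constructed for this example.

```python
import hashlib
import os
import tempfile

CANARY_NAMES = ["~budget_2023.docx", "~contacts.xlsx"]  # constructed sample names

def _sha256(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def plant_canaries(directory, names=CANARY_NAMES):
    """Write small decoy files and return {path: sha256} as the baseline."""
    baseline = {}
    for name in names:
        path = os.path.join(directory, name)
        with open(path, "wb") as f:
            f.write(b"canary:" + os.urandom(32))  # unique content per file
        baseline[path] = _sha256(path)
    return baseline

def check_canaries(baseline):
    """Return a list of (path, finding) for every canary that changed."""
    findings = []
    for path, digest in baseline.items():
        if not os.path.exists(path):
            # Ransomware often renames files (new extension) after encrypting.
            findings.append((path, "missing_or_renamed"))
        elif _sha256(path) != digest:
            findings.append((path, "content_modified"))
    return findings

def demo():
    """Simulate an overwrite and a rename on constructed canaries."""
    with tempfile.TemporaryDirectory() as d:
        baseline = plant_canaries(d)
        clean = check_canaries(baseline)
        first, second = list(baseline)
        with open(first, "wb") as f:           # simulated in-place encryption
            f.write(os.urandom(64))
        os.rename(second, second + ".locked")  # simulated extension change
        return clean, check_canaries(baseline)

if __name__ == "__main__":
    clean, alerts = demo()
    print("before:", clean)
    for path, finding in alerts:
        print("ALERT", finding, os.path.basename(path))
```

A finding from a check like this is only a signal that something touched the file; as the paragraph above notes, a person still has to confirm whether the change was malicious.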
The Huntress agent is installed on workstations and servers to capture, collect and send metadata about potential threats to the Huntress cloud for analysis. Their automated engine performs initial analysis of the data collected by the agent. Their ThreatOps team then reviews the full context of that data to determine the classification, a step that cannot be completely replicated through automation. Then, with the threat identified and confirmed, SIM2K receives a report with recommended actions to eliminate the threat.
Should there be a security issue detected, the report that Huntress sends SIM2K includes remediation instructions along with a “one-click” approval process to initiate action, giving us fast response to any incident. SIM2K should be taking action before you ever discover that there is a possible problem on your network.
And, as a Cloud-based service, Huntress will automatically update their services to keep up with constantly evolving threats. This will not require any action on your part, nor will SIM2K need to “touch” your network to install patches or updates unless a specific threat is identified that requires remediation at your end. Otherwise, new protection is rolled out through the Cloud to all covered devices as the malware is parsed at Huntress, not on your desktop or server.
SIM2K is offering Huntress as a new service for our clients. It is an add-on over our basic security offerings like Cylance and SIM2K® MAVerick. Once installed on your network, we will be able to monitor potential threat activity from a dashboard, and then work in conjunction with the Huntress ThreatOps team to mitigate any exposure you might face.