Fidelis Cybersecurity Enhances
February 21, 2020
The Fidelis Elevate platform empowers
security analysts to know their environment better than attackers and to
engage attackers prior to the point of impact.

Fidelis Elevate arms organizations with a streamlined security stack
that enables cyber defenders to defeat sophisticated attacks that use a
combination of techniques to hide their operation, stage their exploits,
evade detection, and leverage network weaknesses. The Fidelis platform
integrates network, endpoint and deception defenses, automates and
orchestrates workflows, and correlates rich metadata across these
security layers to ensure continuous visibility of the cyber terrain,
higher confidence detections, and faster response.

In the latest release, Fidelis extends the platform’s capabilities to
enable Security Operations teams to more quickly and accurately detect
threats and anomalous behavior, while also giving Incident Responders
the ability to remotely bring an endpoint to their fingertips. Fidelis
maps the cyber terrain, including all managed and unmanaged assets, and
attacker TTPs to the MITRE ATT&CK™ framework, while also significantly
expanding the use of Machine Learning analytics. Additionally, Fidelis
Elevate provides Red Team and Blue Team risk simulations to visualize
attackers’ potential lateral movement opportunities between assets.
Collectively, these capabilities provide cyber defenders with the
critical insights to quickly detect, hunt and respond to threats at
every step of an attack, keeping their business operations and data

“We understand the unfortunate reality that a motivated and
sophisticated attacker is eventually going to get past protective and
reactive defenses,” said Craig Harber, CTO, Fidelis Cybersecurity.
“Organizations need the capability to deal with the threat in
cyber-relevant time, which means you must fortify your traditional
security tools with predictive, proactive, and retrospective
capabilities. What we’ve brought to market is a platform that delivers
these capabilities to engage the attacker before it becomes a business

innovations by product line include:

Attacker TTPs to MITRE ATT&CK: Within the Fidelis
console, users gain an interactive version of MITRE ATT&CK
with identified TTPs mapped to it for improved alert
visualization and ease of use.

Machine-Learning Anomaly Detection: Anomalous
behavior within the enterprise that is considered high risk
can be identified faster via new unsupervised Machine

Simulation: Fidelis allows analysts to visualize
potential paths to and from a network device to identify
opportunities for an attacker to move laterally.

Interactive Network Device Map: Fidelis terrain
mapping interactively visualizes network device
communications prioritized by asset risk to further reduce
alert fatigue and enable the analyst to focus on the most

Console: Fidelis provides incident responders with
direct, remote access into an endpoint’s disk, files and
processes, to more quickly mitigate threats found on an

Endpoint Behaviors to MITRE ATT&CK: By mapping
endpoint detections to the ATT&CK framework, Fidelis enables
analysts to see which tactics and techniques an attacker may
be using, as well as determine the proper response.

Cloud Sandboxing: Fidelis extends its detection
capabilities by automatically submitting untrusted
executables to the sandbox for analysis. Malicious
executables can be added to a blacklist feed to globally
block that process. An analyst can also submit executables
and scripts to the sandbox for further investigation.

Enhanced Authenticity of Deception Layer:
Customized breadcrumbs, real files usage, complete web site
loading and banner configuration enhance the authenticity of
the deception layer.

Faster Decoy Configuration: Fidelis has optimized
deception layer configuration by enabling decoys to be
configured on multiple subnets with one click, selecting
the subnets/assets for breadcrumb distribution based on the
asset’s risk and security coverage, and offering support
for DHCP and streamlined web site loading.

cybersecurity solutions focus on a point in time, the reality is
that the threat is dynamic and always evolving,” said Harber.
“Fidelis Elevate provides a comprehensive solution that
automatically detects in real-time individual attack techniques
and alerts on critical technique sequences which give strong
indications of both APTs and potential zero-day attacks,
allowing threat hunters to proactively respond to attacks before
it’s too late.”