Highlights:
- By enabling IR teams to begin an investigation by first locating and containing compromised accounts—thereby stopping malicious activity—the new technology flips the paradigm.
- A business with 50,000 users can deploy the service in less than 12 hours to detect and confine compromised accounts and identify compromised systems, users, or other environment assets.
Unified identity security business Silverfort Inc. launched its “identity-first” incident response solution, to facilitate attack mitigation period by complementing prevalent incident response tools and enhancing IR processes.
By allowing teams to begin their investigation by locating and locking down compromised accounts before going on to detect infected computers and malicious network traffic, the new service is positioned as “flipping the script” on traditional IR playbooks.
According to Silverfort, conventional IR procedures begin with looking for compromised computers or keeping an eye on network logs to identify unusual activity. Searching compromised identities, whether they are human or nonhuman, is usually the last piece of the riddle. The business contends that while an investigation is underway, hostile actors are given the time and space to continue spreading throughout the network due to the identification’s delay.
By enabling IR teams to begin an investigation by first locating and containing compromised accounts—thereby stopping malicious activity—the new technology flips the paradigm. By utilizing a blend of artificial intelligence and machine learning, it provides IR professionals with extremely useful information, including proof of which individuals and accounts should be disabled and which ones can continue to function.
By freezing stolen accounts and halting lateral movement, Silverfort’s Identity-First IR Solution puts identity front and center and lessens the effect of an event while expediting remediation time. A business with 50,000 users can deploy the service in less than 12 hours to detect and confine compromised accounts and identify compromised systems, users, or other environment assets.
Security teams can quickly ban hacked accounts and activate multifactor authentication using Silverfort’s Identity-First Incident Response solution, which offers real-time protection and useful forensic data. The service’s Authentication Firewall allows for quick access limitation to stop an event from spreading, and it immediately flags dangerous people and devices, providing teams with complete insight into compromised assets.
Furthermore, the solution is integrated with current security operations, supplying enhanced detection and response systems with threat signals linked to identity and integrating identity protection mechanisms into automated playbooks. To provide complete identity protection across hybrid infrastructures, the service monitors each authentication attempt in both on-premises and cloud settings.
Chief Strategy Officer Ron Rasin, said, “In today’s rapidly changing threat landscape and sophisticated AI-backed threat actors, security teams can’t afford to be hunting for an anomaly when potential attacks occur, or systems go down. While there’s an established IR playbook to handle malware and network aspects of cyberattacks, the identity aspect is still a challenge.”
“Silverfort’s IR solution complements existing tools by instantly blocking compromised identities and adjacent machines and offering immediate visibility into those machines. We stanch the bleeding to ensure a safe recovery,” added Rasin.
The firm supported by venture capital has raised USD 222 million in fundraising, including USD 116 million in January and USD 65 million in funding rounds in April 2022. A few of the company’s investors are Vintage Investment Partners Ltd., Greenfield Partners, Acrew Capital Management, Citi Ventures Inc., and Brighton Park Capital Management LP.