Use Case Factory Offers Continuous Improvement and Optimization of Cyber Security Readiness and Reduces Risk
Photo Gallery
Use Case Factory Offers Continuous Improvement and Optimization of Cyber Security Readiness and Reduces Risk
Additional Info
Company | CyberProof |
Website | https://www.cyberproof.com/ |
Company size (employees) | 100 to 499 |
Overview
CyberProof’s Use Case Factory uses agile development principles and automation to continuously deploy, update and improve controls that mitigate attack scenarios.
WHAT IS A USE CASE?
Use cases reduce business risk by developing a risk-based prevention, detection and response framework that drives down attack impact by rapidly identifying and mitigating potential attacks. A key to achieving this goal is the timely deployment of use cases aligned to each customer’s threat profile, IT landscape, control gaps and risk appetite.
During service onboarding, CyberProof works with customers to define a set of baseline use cases. These are mapped to the MITRE ATT&CK matrix to evaluate threat detection coverage.
This enables issue prioritization, controls optimization, and improved cyber risk management. New response procedures are defined and automated by leveraging digital playbooks and integrations.
As a result, our clients better understand security gaps and can define a roadmap for reducing their risk level over time.
WHAT IS INCLUDED IN A USE CASE KIT
Each Use Case Kit represents a security monitoring and response package designed for a specific attack or threat technique. The kit has three primary components:
• DETECTION RULE: The logic that correlates events and data sources to alerts representing malicious activity.
• PLAYBOOK: Detailed steps for responding to an alert – facilitating triage and response.
• AUTOMATIONS: Automated mechanisms for alert data enrichment, used in alert triage and automated incident management and response.
HOW THE USE CASE FACTORY WORKS
The Use Case Factory represents a unique approach to security operations. A major market differentiator, it reduces risk as follows:
• Use Case design is linked to risk management and measured against the ATT&CK framework.
• A modular component library maximizes reusable components for rapid build and deployment.
• New components are developed using Agile methodology.
• Use cases are tested and deployed in a structured, rapid and repeatable process.
How we are different
• BUSINESS VALUE: In the context of a traditional cyber security risk assessment process, CyberProof’s Use Case Factory is an effective means of regularly ensuring the agile development of new use cases that add business value to an organization.
• MINIMIZED RISK: Implementing a Use Case Factory process – which guides everything from effective selection and design of use cases to successful implementation – provides the means for keeping security operations up to date and allows organizations to identify and respond to cyber security threats fast enough to mitigate business damage. Faster response – i.e., keeping response time within a pre-defined impact window that reflects each organization’s risk appetite (see attached image) – is what keeps the potential impact of an attack to the minimum.
• A SMARTER SOC: CyberProof uses the MITRE’s Attacker Tactics, Techniques, and Common Knowledge (ATT&CK) framework as a powerful tool for improving cyber defense by creating a smarter security operations center (SOC). We work with customers in assessing their cyber defenses against the MITRE ATT&CK’s body of knowledge – and use this information to support their decision-making, as relates to security strategy and operations.