Security perimeters are no longer enough to protect organizations from targeted attacks. And given the ongoing shortage of skilled cyber security experts,* developing better security capabilities on their own is out of reach for many organizations. But companies haven’t lost the fight to secure their networks and data. Global cyber security leader F-Secure has launched a new endpoint detection and response (EDR) solution that combines industry-leading security expertise with the latest technologies to help organizations catch file-less attacks, privilege escalation and other advanced tactics used by attackers.
F-Secure Rapid Detection & Response is an endpoint detection and response solution that provides companies lacking large IT and security teams or budgets with the advanced capabilities they need to defend themselves, or together with their managed service provider, from targeted attacks. A recent F-Secure report found that targeted attacks caused over half of security incidents investigated by incident responders, and nearly 80 percent of investigations began after the security perimeter was already breached, exposing companies to data theft, fraud, and more.
According to F-Secure Executive Vice President of Cyber Security Products and Services Jyrki Tulokas, F-Secure Rapid Detection & Response was developed to help companies evolve to meet the realities of today’s threats.
“Well-maintained security perimeters are great for commodity threats, but targeted attackers are usually prepared to get through these barriers. And we’re at a turning point where organizations are being forced to confront the fact that getting breached is not a question of if, it’s a question of when,” said Tulokas. “But the upside of this is that organizations willing to face this reality with the right security capabilities have a game-changing opportunity to get an edge over attackers.”
F-Secure Rapid Detection & Response combines lightweight endpoint sensors with advanced data analysis capabilities, powered by artificial intelligence created, operated, and continuously refined by F-Secure, to monitor endpoints for malicious activity. When it detects an advanced threat, it provides IT teams or their managed service partners with guidance on how to respond. It can also be configured to automatically implement measures to contain the attack.
Organizations can then receive additional support from a local partner – trained, certified and supported by F-Secure’s experts – so that they can escalate difficult cases to help them stop the attack and get back to business.
The artificial intelligence used in F-Secure Rapid Detection & Response solution is modeled against real cyber attacks and taught to recognize malicious behavior by learning what normal behavior looks like first. Any unusual behavior receives additional AI-based analysis to eliminate the false positives that can quickly accumulate to overwhelm and distract responders, allowing organizations to quickly and efficiently pinpoint malicious activity before data breaches happen.
This analysis process – called Broad Context Detection – leverages F-Secure’s man and machine approach to combine data points about potential threats and abnormal behavior observed across endpoints to help defenders validate threats and assess their impact on an organization’s operations. It builds information about risk levels, affected asset groups, threat intelligence, recommended response steps, and more, into a visualized timeline that helps organizations respond by giving them visibility into the entire context of an attack.
This approach to detecting threats evolved from F-Secure’s experience in providing managed detection and response (MDR) services that protect large enterprises against targeted attacks. And according to F-Secure Chief Technology Officer Mika Stahlberg, it demonstrates how human experts use artificial intelligence to provide advanced cyber security competencies to organizations.
“One trick that’s common in modern attacks is to disguise malicious activity as something normal, and attackers are always finding new ways to do this. And since there’s countless numbers of normal things happening in any given environment, it’s basically impossible for companies to rely on human experts or artificial intelligence alone to comb through all that data,” said Stahlberg. “Artificial intelligence trained by the best cyber security experts is vital when you’re looking for needles in a digital haystack, and in the right hands, it’s able to keep defenders a step ahead of even the most skilled, highly motivated attackers.”