How Does Loss Prevention by CyVectors work?
If your organization opts into the CyVectors Data Loss Prevention engagement, the CyVectors proprietary software suite goes into action. Many of these same software solutions may also be used as part of your penetration testing or forensics investigations.
Step 1 - Identify any existing reverse shells (backdoors) that are connecting your network to command and control malware environments. This step will be performed by placing a proprietary software package from CyVectors on as many Windows end-points as possible. This software requires three clicks to install, or can be auto-deployed, and will report egress (outbound network traffic) from your inside node to the Internet. This data is collected at a packet level, and simultaneously geolocated and compared to millions of known malware command and control servers via AI integrations with products like Cisco Talos and various AI clouds. Red and yellow indicators will reveal potential outbound connections to people who may be remotely controller your computers and network, and then reports that data to the splunk instance in the CyVectors Cloud. CyVectors can have this process completed in only a few days.
Step 2 - Deploy end-point email deception prevention
Whether your organization uses Gmail, an online IMAP provider, Microsoft Exchange, or other email platform, they will all go into Microsoft Outlook. Microsoft Outlook is included with your Office365 subscription or other Microsoft Office offerings. Once your end users have added their yahoo email, their work email, and other accounts used by your employees to their Microsoft Outlook client, CyVectors will provide an Add-In for Microsoft Outlook that will not only allow your end users to see attacks coming, but also allow those end-points to send that cyber security information to a SIEM via syslog. CyVectors use a splunk instance hosted by CyVectors Cloud. Once the CyVectors engagement is over, the end-point software can be left in place and that cyber data can be re-directed to the customer's SIEM platform for continued monitoring and improvement.
Step 3 - Analyze breached end-point email accounts
Once we have identified existing backdoors, and almost every organization has at least one, and we have instrumented the end users against future attacks using Microsoft Outlook and the CyVectors Add-In, its time to take a historical look at an email account from one of the breached end users, to identify the source of the attack, attack vectors used, payloads that made it past your perimeter network security, and provide lessons-learned to IT, Security teams, and cloud-providers, that can dramatically improve your organization's security posture. This step is conducted using CyVectors email forensics workstation for Windows. Once the CyVectors engagement is over, customer teams can continue to use Forensics workstation for ongoing email account awareness. The forensics workstation also includes a PowerBI template for comprehensive reporting.
You've just secured your managed network, empowered your end users (with almost no training) to avoid future fraud and deception, Armed your IT and security teams with tools, processes, and procedures to identify and rectify backdoors and advanced data loss prevention, and educated your teams to be investigators by researching historical email accounts directly from the email server, or PST/OST files.
Sounds expensive, right?
CyVectors claims it fortunes by empowering as many organizations as possible, not by leaning on one organization with high costs. That equals low cost per end-point, usually less than $2 per month/per end-point, penetration testing, loss prevention and other full service engagements are fixed price with no surprises, attainable goals, and a projected end date that is usually within a 3 to 14 day period, depending on your organization's size.
The average cost of a data breach is $2 million. You could work to prevent the breach for a fraction of that by engaging CyVectors proprietary software, processes, procedures, and deep technology and cross-domain experience.
Contact CyVectors via the secure chat on our homepage, with only a few questions to see if you qualify, you will receive a project plan, and quote.
If you requirements is time-sensitive, for example an existing infection or compromised systems, use the same secure chat box on our home page, and expect a response between 1:30PM and 10:00PM Pacific time weekdays, or 7:00am until 10:00PM Pacific time on Saturday and Sunday.