ARIA Cybersecurity offers free solution to combat APT
On December 21, Boston, MA-based ARIA Cybersecurity Solutions, a CSPi business that delivers a software-defined approach for improved cyber-attack incident response, announced the free use of the ARIA Advanced Detection and Response (ADR) for a three-month period to detect and stop the on-going attacks in the 18,000 organizations potentially impacted by the “SUNBURST” enabled cyber attack.
The Cyber Infrastructure Security Agency (CISA) has classified the attack that has hamstrung over a dozen agencies, three states, and hundreds of commercial organizations as an Advanced Persistent Threat (APT). Upon penetrating the organization via the “SUNBURST” hack to the Orion code, the “bad actor” actively uses the network to access as many vulnerable systems as possible while using techniques to try and hide their actions.
“The ARIA ADR solution is unique as it automatically, and in real-time, detects, verifies, and stops any attack as it become active. ARIA ADR is an ideal add-on to current security tools. We often replace legacy security information and event management (SIEM) solutions and other security tools that were not designed to stop modern attacks,” said Gary Southwell, ARIA Cybersecurity vice president and general manager, CSPi. “For instance, after the 2015 OPM breach, the Department of Homeland Security mandated the deployment of Splunk Enterprise Security across all civilian government agencies. Yet, Splunk, like other SIEMs, is best suited for highly-trained SOC analysts to manually search log infrastructure for IOCs, typically to try and find out what happened after the fact. It’s not designed to automatically find and stop threats, certainly not modern attacks like APTs, zero-day malware, ransomware, or other sophisticated intrusions and data exfiltrations. This is where ARIA ADR shines not only for automated threat detection but also for quick return on investment in tools and operational savings.”
ARIA Cybersecurity is extending the free use of ARIA ADR for a three-month period to detect and stop these threat actors and their activity related to the APT attack.