1. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
Protecting the
Healthcare
Industry
2. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
Customer challenges
One of the largest healthcare systems in the US with annual
revenue of nearly $11B, faced unique challenges.
o Protecting confidential and sensitive electronic patient health
records
o Securing high value assets including ePHI servers
o Enhancing their security program to go beyond HIPAA and HITECH
3. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
The situation before
Time-consuming
workflow
o Advanced security team spent a majority of
their time manually piecing together isolated
events
o Response included re-imaging affected machines,
one by one
Lack of visibility
o No endpoint tool meant blind spots in
investigation
o Extremely difficult to understand activity
across multiple disparate networks
Lack of automation
o Team manually sorted through network logs and
SIEM alerts to identify malicious activity
o The SOC could not decipher noise from malicious
activity
4. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
The situation after
Improved efficiency
o Intuitive and visual UI increased analyst
productivity
o Automated real-time threat hunting eliminated
manual investigation
o Single-click remediation allowed for timely
response
Broad visibility
o All data needed to react, isolate, and
investigate a malicious operation was at the
analysts’ fingertips
Automated approach
o All related activities to the malicious
operation automatically pulled together
including related processes, connections, and
other memory activities provided analysts with
a cohesive attack story
5. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
Why Cybereason
Offers
Automated Hunting
to drastically improve analyst
workflow
Offers
Actionable Alerts
that encompass all related
attack elements
Offers
A User Space Sensor:
No blue screens
No downtime
6. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
The customer decision process
o Customer had no EDR solution in place and was concerned about their
ability to protect high-level assets and to go beyond HIPAA and
HITECH.
o The company had a sophisticated team that was spending too much of
their time sorting through network logs and SIEM alerts with no
ability to connect isolated events or get full context.
o The security team wanted a solution that had the power to transform
their workflow via automation.
o Customer chose Cybereason because of the level of visibility the
solution offered. Also, because they were particularly concerned
with downtime and patient privacy, the Cybereason sensor stood out
to them – the fact that it is deployed in the user space and it
only collects meta data were key drivers in their decision.
7. Total Endpoint Protection: #1 in EDR & Next-Gen AVTotal Endpoint Protection: #1 in EDR & Next-Gen AV
“
-Director, Incident Response
Major healthcare company
”
The major value I see with Cybereason is
the level of visibility the solution
offers that no other does, not to mention
the ability to automatically correlate
mountains of data...there is just no one
else doing this today automatically.