Anup Ghosh, CEO and President
Anyone with experience in the enterprise security landscape knows how notoriously difficult and complex the environment is and how expensive the process of achieving a risk-oriented security posture can be. Among the many challenges that defenders face in safeguarding modern IT environments, the lack of full visibility across the dynamic enterprise environment tops the list. Today, cybersecurity threats come from every angle. And, as organizations continue to add more point solutions, deal with higher levels of network traffic, and work with more connected devices than ever, things are only getting more complicated. Furthermore, enterprises are challenged by the intricacy of managing many disparate security tools, one each for guarding the endpoint, network, cloud, and so on. Integrating these tools with one another is homework that is left to enterprise defenders. In many cases, these tools impair visibility and cause bigger headaches, as they often integrate poorly, overlap in functionality, and leave gaps in coverage.
Against this challenging backdrop, the question that arises in the minds of most enterprise security leaders is: ‘what is going on in my environment as an adversary moves from asset to asset, and what do I do in order to avoid any damage?’
Anup Ghosh, CEO, Fidelis Cybersecurity, says, “This is where we take center stage. We offer the ability for businesses to pull together telemetry from different parts of the enterprise, including the endpoints, cloud, and the network, to give a complete picture of where an adversary might be lurking undetected in their environment, and just as importantly, where they are going.” In other words, Fidelis Cybersecurity helps companies outmaneuver, outperform, and outfight cyber adversaries to keep business operations and data safe.
So, how does the company do this?
Fidelis Cybersecurity offers Fidelis Elevate, an extended detection and response platform, which performs real-time and retrospective analysis on rich metadata and content, enabling security teams to effectively detect threats across hybrid IT environments. “Our platform looks for indicators in the different parts of the cyber environment, ties them all together into a single attack campaign, and maps it to the MITRE ATT&CK™ framework, allowing defenders to identify the attacker’s next move and determine the necessary action to be taken,” explains Ghosh. Businesses can, thus, stop an adversary before they cause any damage. In short, Fidelis enables cybersecurity professionals to engage adversaries earlier in the attack lifecycle, reshape the attack surface, and take control of enterprise security to proactively stop threats before they impact the business.
In essence, Fidelis Elevate increases the accuracy of alerts and gives companies holistic visibility and control of their IT environment. What makes the platform a cut above the rest is the fact that it unifies deception technologies with detection and response across endpoint (EDR), network (NDR) and cloud, allowing organizations to detect and trace an attacker’s movement, understand what systems they have compromised, stop their advance, and restore impacted systems to normal operations at the earliest. Notably, the platform provides visibility, detection, and response capabilities across every phase of a cyber-attack, whether in on-prem, hybrid, or multi-cloud environments. Fidelis Elevate is purpose-built for proactive cyber defense.
To further emphasize the core features and functionalities of Fidelis Elevate, Ghosh takes the example of spear phishing attacks. For an adversary that wants to get on to a network, spear phishing is one of the easiest means; all they need to do is send an email targeted to specific individuals and get them to click on the link or open an attachment. “But our platform sees it all. For example, if a malicious email comes in, initially, it will need to cross our email sensor, which will examine the content to understand if it’s malicious or not.
And, if the end user opens the email and there is an attachment that downloads to their system, our network sensor sees that email cross into the network, and again, has another opportunity to potentially flag the malicious content,” he adds.
Rendering the Ability to Find Threats Faster
Fidelis Elevate is comprised of Fidelis Network, Fidelis Endpoint, Fidelis Deception, and Fidelis Decryption solutions, which are offered either as standalone products or as an integrated platform that enhances conventional security operations and response capabilities. Each of them is modular by design. While Fidelis Endpoint provides real-time, in-depth visibility into all endpoint activity, simplifying threat hunting, Fidelis Network prevents data espionage and detects threats. Companies can leverage the solution to automatically profile and classify data, tag content, and keep track of traffic anomalies to help prevent data loss.
Fidelis Deception, on the other hand, offers a low-risk and high-fidelity cyber alarm system, with useful data that helps expose cyber attackers in a matter of minutes. True to its name, the solution creates an authentic and veiled deception layer (it mirrors the customer’s network and creates decoys) to alter the perception of the target surface and dynamically change the outcome for cybercriminals. This helps organizations identify blind spots and potential attack paths so that they can work towards securing their systems and networks.
A Holistic View of the Cyber Environment
“Visibility is a key part of our XDR platform,” asserts Ghosh. “One of the primary features we offer our customers is the ability to see the network topography. We are able to, without even scanning, infer what the network topography is like; we leverage passive inference to do this.”
Since its inception almost two decades ago, Fidelis Cybersecurity has helped several industries and large corporations anticipate cyber threats and gain a holistic view of their cyber environment. A recent example is a Department of Defense customer who was interested in Fidelis Deception technology. The client had already deployed Fidelis Network detection and response capability to focus on data loss prevention. But once they had enabled the deception capability, it spun up a number of server assets and endpoints as decoys within the client’s environment. Almost immediately, the decoy assets started to get pinged. “This shouldn’t have happened because decoys don’t serve an actual purpose on the network. After further investigation, we discovered that there was an adversary on their network, and they immediately began incident response,” mentions Ghosh. This is but one of the many success stories that have helped Fidelis Cybersecurity establish a strong presence in the enterprise cybersecurity arena.
The firm currently offers the XDR platform as a SaaS offering in a subscription model. Fidelis Cybersecurity also partners with managed detection and response firms who can deploy and manage the Fidelis software for its clients. More recently, the company acquired CloudPassage, a pioneer in cloud security and compliance, intending to extend its XDR platform’s capabilities to the cloud. “It is part of our vision, which again, is moving away from siloed solutions to really be able to integrate sensors from across the network to give companies a whole picture. The acquisition extends our vision to unify endpoint, network, cloud, and deception in a single platform so our customers can detect and respond to adversaries earlier in the attack lifecycle,” states Ghosh. “It’s exactly what our customers have been looking for.” As a part of its plan for the future, the company intends to do more integration with its detection and response capabilities in the cloud. “We already do a great job of looking at cloud assets and without an agent cater to the needs of our customers, whether that is alerting them about vulnerabilities that need patching or configurations that might introduce risk. So, we are working on more development at that end,” concludes Ghosh.