This innovative initiative allows new customers of Cybereason’s Next Gen SIEM Detection & Response (SDR) product to send up to 1TB of log data per day free for the first 90 days, enabling in-depth analysis and extraction of MalOps (malicious operations) from their security data.

The program leverages Cybereason’s core technology, including the powerful MalOp Detection Engine algorithms, to provide comprehensive visibility and detection across endpoint, identity, workspace, network, and cloud log data.

This ensures that customers can experience the full capabilities of Cybereason’s SDR product, which is designed to detect, analyse, and respond to cyber threats with unparalleled accuracy and speed, reducing the need for legacy SIEM platforms.

“We are thrilled to offer this program to new customers,” said Eric Gan, CEO of Cybereason. “The 1TB Free SDR Data Ramp Program underscores our commitment to empowering organisations with the tools they need to defend against increasingly sophisticated cyber threats. By allowing new customers to ingest and analyse large amounts of log data for free, we aim to demonstrate the full potential of our SDR product and how it can transform their security operations.”

SDR leverages Observe to remove data silos and consolidate security logs into a single platform enabling users to rapidly investigate security incidents.

“Investigating security incidents is always a matter of data.  Observe stores and analyses more data, for longer periods of time, at a lower cost than anyone” said Jeremy Burton, CEO of Observe. “We’re delighted to partner with Cybereason to deliver a complete security offering to our mutual customers.”

Cybereason’s SDR product, powered by the MalOp Detection Engine, delivers advanced threat detection and response capabilities. It provides a holistic view of an organisation’s security posture by correlating data across multiple vectors, including endpoints, identities, workspaces, networks, and cloud environments.

This multi-layered approach enables security teams to identify and mitigate threats more effectively, reducing the time to detect and respond to incidents.

The recent updates introduce significant improvements in file search operations, investigation query results, and cloud workload protection, providing more granular data and faster key artifact identification.

Enhanced protection includes behavioural execution prevention and new sensors for Docker and Kubernetes, ensuring robust threat detection and prevention. Infrastructure management sees advancements in custom reputation management, fileless mode protection, sensor tampering protection, and streamlined sensor deployment processes, all aimed at increasing security efficacy and operational efficiency.

Investigation enhancements

Cybereason has refined its file search capabilities, allowing users to choose between standard searches based on filters and YARA rule-based searches.

The introduction of dynamic filters helps users pinpoint the exact machines they need to investigate, significantly speeding up the search process.

Users can now apply their queries within specific timeframes ranging from the last hour to the last seven days, with a default setting of 24 hours.

Additionally, the query results can be customised to display a specific number of results per page, enhancing the ability to focus on relevant data quickly.

Enhanced protection

Cybereason’s Cloud Workload Protection (CWP) now includes new sensors that can be deployed on Docker hosts or Kubernetes clusters. These sensors collect security data, which is then integrated into the Cybereason Defense Platform, providing comprehensive threat detection and prevention across cloud environments.

This feature leverages detailed research data from Cybereason’s EDR solution to detect and prevent malicious processes based on their behaviour.

Behavioural Execution Prevention (BEP) offers inline prevention on the endpoint, reducing response times and improving overall security efficacy.

Infrastructure management

The custom reputations screen has been significantly enhanced, allowing users to manage reputations from private lists directly within the console.

This feature helps minimise false positives while ensuring critical threats are detected based on the specific environment.

Users can now select protection modes, such as .NET or AMSI, based on their organisation’s requirements. This flexibility ensures optimal protection against fileless malware threats.

Enhanced sensor tampering protection safeguards Cybereason processes on Windows endpoints from unauthorised modifications or termination attempts, improving endpoint resiliency.

Furthermore, the new sensor installer packages for sensor groups simplify the deployment process, allowing pre-configured sensors to be added to specific groups efficiently.

Sensors now check for updates every few hours, downloading but not installing them until an administrator triggers the upgrade.

This improvement enables the update of up to 1,000 sensors per hour without impacting network performance.

Cybereason has broadened its feature support for Linux operating systems, including device control, personal firewall control, remote shell, and NGAV support for on-file access scans. This expansion helps reduce the Linux attack surface, enhancing overall security.

The platform now supports Windows 10 21H2, MacOS 12 (Monterey), Amazon Linux 2, and Debian 10, ensuring comprehensive coverage across various operating systems.

These enhancements reflect Cybereason’s commitment to empowering defenders with advanced tools and capabilities to effectively combat threats across diverse environments.

By continuously improving its platform, Cybereason aims to provide superior security solutions that enable organisations to stay ahead of adversaries.

These processors are an innovative enhancement in data centre computing, built with industry-leading performance, energy efficiency, and advanced capabilities for Google Cloud customers.

Google Axion Processors were built with a focus on addressing challenges such as information retrieval, global video distribution, and generative AI.

Google has invested heavily in custom silicon technology and the Axion Processors are designed specifically for the data centre.

Axion Processors are the latest addition to Google’s portfolio of custom silicon solutions, which includes Tensor Processing Units (TPU) and Video Coding Units (VCU).

These processors are built on the Arm Neoverse V2 CPU architecture, delivering commendable performance for a wide range of workloads, including web and app servers, containerized microservices, open-source databases, and CPU-based AI training.

What sets Axion apart is its outstanding performance and energy efficiency. Google says that Axion processors offer up to 30% better performance than existing Arm-based instances in the cloud, and up to 50% better performance and 60% better energy efficiency than comparable x86-based instances.

This improvement in performance and efficiency will bolster the capabilities of Google Cloud customers, enabling them to achieve new levels of performance, reduce infrastructure costs, and meet sustainability goals.

Axion Processors are underpinned by Titanium, a system of purpose-built custom silicon microcontrollers and tiered scale-out offloads.

This architecture optimizes platform operations such as networking and security, ensuring enhanced performance and efficiency for customer workloads.

Additionally, Axion processors leverage Hyperdisk, a new block storage service that decouples performance from instance size, further enhancing efficiency and scalability.

Google’s collaboration with Arm and industry partners has been very important in the development of Axion Processors.

These processors are built on the standard Armv9 architecture and instruction set, ensuring out-of-the-box application compatibility and interoperability.

Google has contributed to the SystemReady Virtual Environment (VE), Arm’s hardware and firmware interoperability standard, making it easier for customers to deploy Arm workloads on Google Cloud with minimal code rewrites.

The announcement of Axion Processors has garnered excitement and anticipation from Google Cloud customers and partners worldwide.

Industry leaders such as Broadcom, CrowdStrike, Cybereason, Datadog, Elastic, OpenX, Snap, and WP Engine have affirmed optimism for testing Axion-based virtual machines and exploring the potential performance and sustainability gains.

While details about availability and pricing haven’t been disclosed yet, Axion is expected to be available to Google Cloud customers later this year.

[Featured Image Credit]