Explore CYREBRO’s most frequently asked questions below.
Interactive SOC Platform
- What is an interactive SOC Platform?
A cloud-based, real-time interactive SOC platform integrates all of your current systems and data sources into one centralized platform, giving you control, context, and clarity when it comes to your cybersecurity operations.
- Why do I need an interactive SOC platform?
Consolidating and centralizing all your cybersecurity systems and technologies with a SOC Platform means they are no longer siloed. You have live access to your SOC 24/7/365 – simply log in to the virtual SOC from anywhere, at any time, to see what’s happening in your network, without the need to request a report or wait for a service provider to answer the phone.
- How does CYREBRO's SOC Platform work?
The CYREBRO SOC Platform is technology agnostic so it seamlessly connects with all your current security systems and sources. You get direct visibility into all your security events, real-time status about investigations, and actionable steps to protect your business. It is cloud-based and available 24/7, giving you immediate access no matter where you are.
- How is a SOC Platform different from SOC as a Service?
SOC as a Service provides managed SOC services, like threat detection and incident response. With a SOC Platform, you benefit from the same capabilities as SOCaaS through an interactive SOC Platform that gives you real-time visibility into your security posture. Instead of waiting for updates, reports, or a call from a SOCaaS provider, with a SOC Platform users can view and engage with the SOC and analysts whenever they like, and deep dive into the status of any investigation.
- What operating system does the CYREBRO Platform work on?
The CYREBRO platform runs through a web interface and can work on any operating system.
- Does CYREBRO offer reports?
Yes. Our reporting and system wizard tool enables users to instantly generate, save and share reports including the most relevant data on investigations handled by CYREBRO during any defined time range. All the reports are written in plain English.
Security Operations Center (SOC)
- How does CYREBRO stop cyber attacks?
CYREBRO uses proprietary detection algorithms to strategically monitor, analyze, and interpret events across your security network. Our team of expert analysts monitors your network 24/7 to identify malicious activity and prevent attacks before they happen.
- When does CYREBRO operate?
The CYREBRO SOC operates 24/7/365, so you can be sure that your networks are being actively monitored at all times of the day and night. CYREBRO analysts are available round the clock for your assistance.
- Does CYREBRO have incident response capabilities?
Yes, CYREBRO’s incident detection and response capabilities are widely unmatched across the industry. CYREBRO’s incident response team has years of practical experience responding to all types of attack vectors, and the digital forensics investigators bring extensive law enforcement and intelligence experience to every investigation.
- How does CYREBRO perform threat hunting?
CYREBRO performs proactive threat hunting on the SIEM, meaning we do not wait for an attack to trigger a threat hunt. CYREBRO actively runs queries on data in the SIEM related to the specific threat or concern.
- Does CYREBRO provide threat intelligence?
Yes, CYREBRO’s threat intelligence team performs research across a wide range of sources to identify IOCs, attacker behavior, and TTPs. The information uncovered is translated into proactive plans and SIEM rules within the CYREBRO Platform. Additionally, the threat intelligence team sends CTI (critical threat intelligence) alerts to all CYREBRO clients in real time. CTI alerts include the threat summary, details about vulnerabilities, affected products, and mitigation steps or workarounds.
- Do I need my own SIEM technology?
CYREBRO maintains and optimizes SIEM technology that is integrated into the Platform, so there is no need for clients to build, own, or manage it independently. Building SIEM technology in-house requires extensive resources and knowledge in order to both maintain and optimize the SIEM on a regular basis. CYREBRO does all this for you.
- What if my organization already has SIEM technology?
CYREBRO can integrate and leverage your SIEM technology and configure it to make sure it is functioning according to your specific security needs.
- Does CYREBRO enable me to see the investigation process?
Yes. The CYREBRO platform gives you full visibility of the entire investigation process. It helps you understand what happened, what was impacted, the risks, and the recommended actions you should take.
- What kind of compliance does CYREBRO have?
CYREBRO is compliant with SOC2, ISO 27001, ISO 22301, GDPR Assured, and PCI Service Provider Level 2.
- Where is my data stored?
Our CYREBRO platform utilizes third-party cloud infrastructure through AWS and IBM’s Cloud (which are PIPEDA compliant). To maintain HIPAA- or PIPEDA-type compliance, we do not host or store any client data in our company infrastructure.
- What technologies does the CYREBRO platform integrate with?
CYREBRO is technology agnostic, meaning the platform seamlessly integrates with any security solution, technology, log source, and endpoint.
- How do I connect my tools and systems to CYREBRO's Platform?
CYREBRO deploys a tool called an Event Collector to collect logs from your security tools and systems. You are able to connect as many tools as you want, and change out systems whenever it’s convenient for you. This is done within the Platform, which has a simple step-by-step wizard to walk you through adding or removing a system.
- Can I connect new log sources?
Yes. Our log source wizard enables you to easily connect more log sources. You can integrate new technologies and security tools you are currently using or will use in the future.
- Which data sources does the CYREBRO platform connect with?
CYREBRO connects to your organization’s desktops, laptops, and servers.
Working with CYREBRO
- What kind of organizations is CYREBRO best for?
CYREBRO is used by a range of organization types and sizes, and is a “one-size-fits-all” security solution. Organizations of any size will benefit from CYREBRO’s enterprise-grade SOC platform.
- Does CYREBRO have a trial period?
There is a 30-day free trial for any cloud-hosted tools, with up to 100 EPS. It offers 24/7 monitoring, 24/7 incident response, all log types, and a SIEM license.
- Does CYREBRO work with channel partners?
Yes. CYREBRO has multiple partners around the world. If you are interested in partnering with us, please contact us.
- Does CYREBRO work with MSSPs?
Yes. We developed a business model that can save MSSPs the investment in building and maintaining a SOC.