In 2004, there was science fiction movie about a character named Van Helsing. He was a vigilante monster hunter who went around searching for and vanquishing evil monsters such as Mr. Hyde, Dracula and werewolves. If you were evil, there was nowhere to hide. Van Helsing would find you and put an end to you.
Accenture, one of the leading IT, management and consultancy firms, and Endgame, an NSA-centric security solution vendor, are teaming up to offer threat hunting as a service. The new offering will be an Accenture-based managed service that leverages the leading-edge technology and expertise from Endgame.
Accenture has a massive number of global cybersecurity hunters, which is like having a team of Van Helsings armed with the latest tools specifically designed to address the lifecycle of the security threat.
Endgame’s roots are in national security, academia and the hacking community. It takes a different approach to security: It uses advanced data sciences to find threats and eliminate them before the blast radius gets too big.
Accenture, has its own security expertise, plus global reach, to help organizations of all sizes.
Threat hunting as a service
The managed threat hunting as a service includes the following:
- Continuous endpoint monitoring and reporting for targeted attacks that have bypassed defensive security technologies.
- The ability to expose and eliminate active and dormant adversaries that have infiltrated networks, followed by a precise response without disrupting normal business operations.
- An actionable list of vulnerabilities and procedures to remediate and prevent future attacks, reducing the cost and impact of incident response.
There’s certainly a need for this type of service. The digital era has brought with it a number of new tools and technologies. Things like IoT, the cloud, mobility, DevOps and software-defined networks (SDN) were futuristic things a decade ago but are now the norm. While those technologies have enabled businesses to become agile organizations, they also increased the number of attack points to the level where security teams can no longer keep up. The good guys need to protect an increasingly larger number of entry points, while the bad guys simply need to find a single way in. Once the network has been breached, the threat spreads laterally, information is gathered and data is eventually exfiltrated.
The bad guys are getting smarter, too. Instead of trying to penetrate state-of-the-art firewalls, more hackers are getting in by breaching internal systems that are connected to high-value systems but may not be as secure. As IoT becomes more prevalent, there will be millions more devices connected to business networks that create new entry points.
Complementing internal security teams
Security must evolve and adapt to these new threats. Rock-solid perimeter security is fine, but it must be complemented by data and advanced analytics to spot those threats as fast as possible. Some organizations might be able to do this with their current staff, but the vast majority does not. This is where a managed service, like the one offered by Accenture in partnership with Endgame, can provide tremendous value and be an excellent complement to the internal security team.
The good folks of Transylvania did not have the requisite skills to fight off Dracula and his concubines, so Van Helsing came in to do the job. Businesses can now take a similar approach to cybersecurity and fight off the growing number of attacks with threat hunting as a service.