AWS Startups Blog

Detecting cyber attacks with Cybereason

This post is part of the Startups on Air series. Startup Evangelist Mackenzie Kosut visits different startups and learns who they are, what they do, and how they use AWS.


Cybereason is an endpoint security company. Instead of treating attacks like isolated incidents, Cybereason looks at them as part of a larger, complex campaign. Cybereason’s three co-founders Lior Div, Yossi Naar, and Yonatan Striem-Amit spent years conducting cyber-offensive operations for the Israeli government and came to the realization that it was people not computers who planned the attacks, and adjusted their strategy to consider how a human mind would react. However, they observed that many security companies weren’t incorporating this “people” perspective into their products. Instead, security technology focused on prevention by building taller and bigger walls. Human ingenuity, which means that attackers eventually figure out how to get around those walls, wasn’t considered. Cybereason is founded on the principle that defending a company from advanced threats requires thinking like the people who are attacking you. By applying an offensive mindset to defense, there’s an opportunity for businesses to detect threats sooner and stop the damage earlier.

Cybereason’s technology collects and cross-correlates data from thousands of endpoints and uses behavioral detection to discover attackers who have already infiltrated a company’s network. This data is automatically queried to find the slightest traces of malicious behavior. It’s used to flag other attacker activity, and leveraged to form a complete attack story. In addition to giving companies greater visibility into what’s happening on their endpoints, this approach turns an adversary’s tactics into a weakness that can expose an entire hacking operation.



Interested in learning more about Cybereason? Drop by their website or twitter page!