Startup Cybric aims to reduce time between detecting and remediating breaches

By screening clone images of networks, FabricVUE can deliver results in near real time without affecting production networks

Startup Cybric is working on a cloud-based platform to help businesses find out about breaches quickly and clean them up as fast as possible.

It will do that with its platform, Continuous Security Delivery Fabric, which creates a clone of network elements in its cloud and runs tests against them, looking for vulnerabilities. Because the work is done in the cloud, it doesn’t slow down or interfere with the business’s production network, the company says.

Because multiple tests can be run in parallel in the cloud, the time it takes to find vulnerabilities is reduced, the company says. Alternatively, customers can run the Continuous Security Delivery Fabric on premises.

The company lumps itself in a category defined by Gartner as security operations, analytics and reporting (SOAR), which includes EMC, CyberSponse, Proofpoint, Resilient Systems and Swimlane.

Some of the companies Cybric feels it competes with are CyberArk, Dell SecureWorks, Tanium, Palo Alto Networks and Rapid7.

Key factors for this SOAR category are that products gather state information about the network, evaluate it within a business context and orchestrate a response, according to Gartner’s “Innovative Tech Insight for Security Operations, Analytics and Reporting”.

Continuous Security Delivery Fabric is a cloud service that discovers the network automatically and makes thin clone copies of network assets within Cybric’s cloud network. There it runs tasks or scans against these copies to discover vulnerabilities, misconfigurations, poorly written code and the like.

To do so, users define targets, called fibers, for the platform to work against. Targets can be a variety of assets such as applications, code repositories and IP ranges. Then they set tasks, security policies called business resiliency integrated controls (BRICs), to run against each fiber. The sum of these fibers and BRICs becomes the customer’s security fabric. BRICs define what action to take if vulnerabilities are found.

A simple task might be to send out an alert when a BRIC finds that a specific application hasn’t been patched. Or it could be automatically scanning Ruby on Rails source code being written by the customer using the vulnerability scanner Brakeman before it can be merged into code posted to GitHub. If the code is found secure, the Continuous Security Delivery Fabric allows it to be merged; if vulnerable, it sends an alert.
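The merge-or-alert decision described above can be sketched as a gate over Brakeman's JSON report (`brakeman -f json`). This is an added example, not Cybric's code: the `merge_gate` function, its confidence threshold and its fail-closed policy are assumptions, and the sample report is constructed.

```ruby
require 'json'

# Constructed sample, trimmed to the report fields this gate reads.
# It is not output from a real scan.
SAMPLE_REPORT = <<~REPORT
  {
    "warnings": [
      {"warning_type": "SQL Injection", "confidence": "High",
       "file": "app/models/user.rb", "line": 12},
      {"warning_type": "Mass Assignment", "confidence": "Weak",
       "file": "app/controllers/posts_controller.rb", "line": 40}
    ],
    "errors": []
  }
REPORT

CONFIDENCE_RANK = { 'Weak' => 0, 'Medium' => 1, 'High' => 2 }.freeze

# Hypothetical policy: allow the merge only when the report is readable,
# the scan finished without errors, and no warning meets the threshold.
# Returns { allow: true/false, alerts: [String, ...] }.
def merge_gate(report_json, min_confidence: 'Medium')
  report = JSON.parse(report_json)
  raise TypeError, 'report is not a JSON object' unless report.is_a?(Hash)

  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  alerts = report.fetch('warnings', []).select do |w|
    # Unknown confidence labels rank as High so they block rather than slip by.
    CONFIDENCE_RANK.fetch(w['confidence'], 2) >= threshold
  end.map do |w|
    "#{w['warning_type']} (#{w['confidence']}) at #{w['file']}:#{w['line']}"
  end
  # Scanner errors mean some files went unanalysed: block, do not assume clean.
  report.fetch('errors', []).each { |e| alerts << "scan error: #{e['error']}" }
  { allow: alerts.empty?, alerts: alerts }
rescue JSON::ParserError, TypeError => e
  # A missing or corrupt report must never be read as "no findings".
  { allow: false, alerts: ["unreadable report: #{e.class}"] }
end

puts merge_gate(SAMPLE_REPORT) if __FILE__ == $PROGRAM_NAME
```

The alert strings are what a gate like this would hand to a notification channel; the allow flag is what the merge check would consume.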

Customers can use their own security tools or enlist third-party tools as part of BRICs, which can be run on a regular schedule.

Continuous Security Delivery Fabric can act on corporate resources that are located in commercial cloud vendors’ networks, which can be useful to developers who need to create virtual machines on the fly to test their work. Because BRICs can be assigned to IP ranges, any new virtual machine developers create will be subject to the appropriate BRIC screening automatically.

Scanning tools the platform currently supports are Nikto, Nmap, Metasploit, Brakeman and OWASP. It plans to support Core Security, IBM QRadar, IBM AppScan, Rapid7 and Qualys. It supports these communications tools: Slack, PagerDuty, email and native SMS, with plans to add Datadog.

As for remediation tools, it supports Cybric Remediation and ServiceNow, with Remedy and IBM BigFix on the planning board.

Cybric is based in Boston and funded with $1.3 million in seed funding led by Petrillo Capital and angel and strategic investors.

Continuous Security Delivery Fabric is in beta.


Stories by Tim Greene