Cynet 360 XDR Autonomous Breach Protection
Cynet 360 is the first autonomous breach protection platform that consolidates and automates Monitoring & Control, Attack Prevention & Detection and Response Orchestration across the entire environment. It delivers this by the pioneering Cynet Sensor Fusion™ to collect/analyse all endpoint, user, file and network activities in an environment.
Features
- EDR – End Point Detection & Response
- EPP – End Point Protection (AV & NGAV)
- NGAV – Next-Generation Anti-Virus
- Network Analytics – Network Traffic Analytics
- UBA – User Behaviour Analytics
- Deception
- SOAR – Security Orchestration, Automation & Response
- MDR – Managed Detection and Response
- Threat Intelligence
- Incident Response – Cyber Incident Response
Benefits
- Enable the security team to resolve incidents with increased speed
- Reduce time invested in deployment and management of security systems
- Resolve incidents quickly with automated prevention, detection and response abilities
- Save and consolidate on other NGAV/EDR/UBA/Network Analytics and Deception products
- Consolidate protection against commodity/advanced threats, in a single platform
- Enhance the security team’s skill and capacity with CyOps
- Provide the CISO 24/7 visibility/control
Pricing
£91 to £91 a licence
- Education pricing available
Framework
G-Cloud 13
Service ID
285655871337257
Contact
SAMURAI DIGITAL SECURITY LIMITED
Ruth Day
Telephone: 07790086540
Email: rday@samuraisecurity.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
-
Supported OS for Windows:
Endpoints:
o Windows XP Service Pack 3
o Windows 7 32/64 bit
o Windows 8.1 32/64 bit
o Windows 10 32/64 bit
Servers:
o Windows 2003 R2 32/64 bit
o Windows 2008 R2 32/64 bit
o Windows 2012 32/64 bit
o Windows 2012 R2 32/64 bit
o Windows 2016 32/64 bit
Supported OS for UNIX\MAC\Linux:
Ubuntu 15 and Above
RedHat 7.2 and Above
Centos 6.7 and Above
Fedora 21 and Above
Debian 8.4 and Above
Suse 12 and Above
MAC (El Capitan 10.11 64 bit) and Above
- System requirements
- S/W Versions
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Support response times:
Critical Alert - Contact the client within 4 hours of alert
High Alert - Contact the client within 6 hours of alert
Medium Alert - Contact the client within 12 hours of alert
Low Alert - Contact the client within 24 hours of alert
Our monitoring operation hours will be between 9 AM – 5 PM on business working days. To cover Samurai's operation hours, Cynet SOC is 24/7 and will support the Cynet platform in the evenings and weekends. As a first action, Samurai will review the prior night's/weekend's activity each morning, prioritising any required remediation actions.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Support and maintenance costs are included in the annual subscription cost. Depending on the product level selected, support is 8x5 or 24x7. Our technical experts will assist you with any technical issues you may encounter.
CyOps 24/7
The Cynet cyber team (“CyOps”) operates from Cynet’s Security Operation Center (SOC) 24x7x365 and is built by experienced security specialists. CyOps personnel are trained to actively engage with customers whose Cynet 360 installation has detected a threat within the customer organization.
CyOps Commitments
Operational 24x7x365 days a year.
Monitors alerts from the customer’s Cynet 360 installation and contacts the customer’s contact persons via approved communication channels.
CyOps staff will be available to the customer to provide recommended remediation steps of the detected threat.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Samurai's and Cynet's Customer Success team will guide you through the deployment and implementation process and make sure that your requirements are met. Once you purchase a subscription to the Cynet360 platform, a Customer Services Manager will be assigned to your account to ensure successful deployment.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Cynet will terminate the SaaS tenant, which permanently deletes all customer data.
- End-of-contract process
- You can either renew the service for another period or Cynet will terminate the SaaS tenant, which permanently deletes all customer data.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Firefox
- Chrome
- Application to install
- Yes
- Compatible operating systems
-
- Linux or Unix
- MacOS
- Windows
- Designed for use on mobile devices
- No
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- The Cynet web-based GUI is an intuitive, user-friendly interface, which has been purposely developed to simplify security controls and provide visibility to the organisation
- Accessibility standards
- None or don’t know
- Description of accessibility
- This depends on which permissions are granted to the user. Users with full operator access will have complete control of the solution from deployment, configuration, and forensic analysis, through to resolution and remediation. Role-based permissions can be applied to the users, specific to their job function or level of required visibility/control
- Accessibility testing
- N/A
- API
- Yes
- What users can and can't do using the API
- Cynet offers a REST API, where specific use cases can be developed, depending on the requirement.
- API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
- Creation of custom security policies, groups, API integrations with other technology in the environment, and custom remediation/playbooks.
Scaling
- Independence of resources
- The Cynet solution uses an infrastructure with auto-scaling ability, therefore additional resources are added or removed when required.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Dashboard metrics - highlights overall security scoring of solution specific to the environment.
Report metrics - various reports are available for service.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Cynet
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
-
Infrastructure is located on AWS and is protected with:
• Next-generation firewall
• Regularly audit security groups in AWS, only relevant employees have access to the infrastructure.
• Changes must undergo a change management process with approval from top management.
• All access to this environment is restricted to specific IP access, given only to relevant employees and using MFA.
• Access to this environment is logged and monitored by our SOC 24/7.
• Our servers are protected by Cynet360 and monitored 24/7 by our SOC team.
• Data in motion – Cynet encrypts all data in motion (with TLS).
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Users have the ability to export forensic & alert data in .CSV. Reports can be exported to .PDF.
- Data export formats
-
- CSV
- Other
- Other data export formats
- Data import formats
- Other
- Other data import formats
-
- Xlsx
- Docx
- Pptx
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Cynet’s target is 100% Availability (as defined below) of the Services. If the Availability Percentage (as defined below) during a given Subscription Year is less than 99.9%, you are eligible for a credit as detailed below (the “Service Credit”).
This SLA applies only to your production environment of the Service, and not to any non-production environment. This SLA applies separately to each account using the Service.
Unless otherwise provided herein, this SLA is subject to the terms of the applicable agreement for the Services between you and Cynet (“Agreement”) and capitalized terms will have the meaning specified in the Agreement.
- Approach to resilience
-
The Cynet 360 SaaS solution is deployed on the Amazon AWS IaaS.
We utilize various AWS services such as EC2, EBS, RDS, Backup and more, to ensure high availability and disaster recovery.
The System is deployed on multiple AWS Regions to ensure best performance for all customers.
At each region we deploy a scalable traffic router for best ingestion of all incoming traffic that is then directed to the relevant internal service for further analysis.
- Outage reporting
- Dashboards, alerting and email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
2-factor authentication
Identity federation with the existing provider (for example Google apps)
Username or password
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Based on ISO 27001, ISO 27032, our security program includes all GRC aspects. In addition, Cynet is following NIST guidance and SSDLC.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Change request -> change approval chain -> approval -> test env implementation -> pre production -> production
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Infrastructure is located on AWS and is protected with: • Next-generation firewall • Regularly audit security groups in AWS, only relevant employees have access to the infrastructure. • Changes must undergo a change management process with approval from top management. • All access to this environment is restricted to specific IP access, given only to relevant employees and using MFA. • Access to this environment is logged and monitored by our SOC 24/7. • Our servers are protected by Cynet360 and monitored 24/7 by our SOC team. • Data in motion – Cynet encrypts all data in motion (with TLS).
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- All of our servers are protected by the Cynet360 agent and monitored 24/7 by our CyOps SOC team.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
The Cynet SOC is a 24/7/365 off-site secured location comprised of experienced security specialists. SOC personnel are trained to actively engage with customers whose Cynet 360 installation has detected a threat within the customer’s organization.
Incidents can be reported either by email, through the Cynet UI or automated through the tool itself.
Incident reports can be requested by email or phone.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Since the beginning of the Covid-19 pandemic, we have moved to, predominantly, remote working. This has significantly reduced our carbon footprint. Where possible we standardise on eco-friendly laptops and other computer equipment. Company cars are only provided in exceptional circumstances and only electric cars are specified.
Pricing
- Price
- £91 to £91 a licence
- Discount for educational organisations
- Yes
- Free trial available
- No