Cynet360
Cynet 360 is the world’s first autonomous breach protection platform that consolidates and automates Monitoring & Control, Attack Prevention & Detection and Response Orchestration a Cynet 360 delivers these capabilities by use of Cynet Sensor Fusion™ to collect and analyze all endpoint, user, file, network activities across the environment.
Features
- EDR – End Point Detection & Response
- EPP – End Point Protection (AV & NGAV)
- NGAV – Next-Generation Anti-Virus
- Network Analytics – Network Traffic Analytics
- UBA – User Behaviour Analytics
- Deception –
- SOAR – Security Orchestration, Automation & Response
- MDR – Managed Decetion and Response
- Threat Intelligence
- Incident Response – Cyber Incident Response
Benefits
- Radically reduce time invested in deployment and management
- Save on NGAV/EDR/UBA/Network Analytics and Deception products
- Consolidate protection against commodity/advanced threats in a single platform
- Empower the security team to resolve incidents
- Resolve incidents rapidly with automated prevention, detection and response
- Enhance the security team’s skill and capacity with CyOps
- Provide the CISO 24\7 visibility/control with Cynet CISO Kit
Pricing
£11 a licence
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 6 3 5 3 0 9 8 5 1 1 5 6 3 4
Contact
INTEGRITY360 LIMITED
Davide Poli
Telephone: 02083721000
Email: bidreviewboard@integrity360.com
Service scope
- Service constraints
- None
- System requirements
- S/W versions
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Technical Support
Our technical experts will assist you with any technical issues you may encounter.
CyOps 24/7
The Cynet cyber SWAT team (“CyOps”) operates from Cynet’s Security Operation Center (SOC) 24x7x365 and is comprised of experienced security specialists. CyOps personnel are trained to actively engage with customers whose Cynet 360 installation has detected a threat within the customer organization.
Severity CyOps Response Response Time
Critical *Call and email the customer Within 2 hours
High *Call and email the customer Within 4 hours
Medium Email Customer Within 12 hours
Low Email Customer Within 24 hours - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
Support an maintenance costs are included in the annual subscription cost. Depending on the product level selected, support is 8x5 or 24x7.
Our technical experts will assist you with any technical issues you may encounter.
CyOps 24/7
The Cynet cyber SWAT team (“CyOps”) operates from Cynet’s Security Operation Center (SOC) 24x7x365 and is comprised of experienced security specialists. CyOps personnel are trained to actively engage with customers whose Cynet 360 installation has detected a threat within the customer organization.
CyOps Commitments
• Operational 24x7x365 days a year.
• Monitor alerts from the customer’s Cynet 360 installation and contact the customer’s contact persons via approved communication channels, based on the Alert Severity Matrix below.
• CyOps staff will be available to the customer to provide recommended remediation steps of the detected threat.
Severity CyOps Response Response Time
Critical *Call and email the customer Within 2 hours
High *Call and email the customer Within 4 hours
Medium Email Customer Within 12 hours
Low Email Customer Within 24 hours - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Cynet's Customer Success team will guide you through the deployment process and make sure that your goals are met. Once you purchase a subscription to Cynet360 platform, a Customer Success Manager will be assigned your account.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Cynet will terminate the SaaS tenent, which permanently deletes all customer data
- End-of-contract process
- You can either renew the service for another period or Cynet will terminate the SaaS tenent, which permanently deletes all customer data
Using the service
- Web browser interface
- Yes
- Using the web interface
- The Cynet web-based GUI is an intuitave, user-friendly interface, which has been purposely developed to simplify security controls
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- Via a browser
- Web interface accessibility testing
- None
- API
- Yes
- What users can and can't do using the API
- Cynet offers a rest API, where specific use cases can be developed, depending on the requirement
- API automation tools
- Other
- Other API automation tools
- Rest API
- API documentation
- Yes
- API documentation formats
- Other
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
- The cynet solution uses an infrastructure with auto scaling ability, therfore additional resources are added or removed when required
- Usage notifications
- No
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- HTTP request and response status
- Network
- Number of active instances
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller (no extras)
- Organisation whose services are being resold
- Cynet
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
- Cynet monitors all activities performed on data at rest, including all user access, creation and deletion. In addition to this, Cynet uses the lowest privilege module for managing the data, to insure only relevant employees have access to the data. For portable and sensitive computers, we also encrypt the hard drives.
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- No
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Other
- Other protection between networks
- Only meta data is shared with the Cynet cloud. All data is kept in a dedicated schema per customer to ensure data isolation.
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Cynet’s target is 100% Availability of the Services. If the Availability Percentage during a given Subscription Year is less than 99.9%, you are eligible for a credit. This SLA applies only to your production environment of the Service, and not to any non-production environment.
This SLA applies separately to each account using the Service. Unless otherwise provided herein, this SLA is subject to the terms of the applicable agreement for the Services between you and
Cynet (“Agreement”) and capitalized terms will have the meaning specified in the Agreement.
Definitions:
“Available” or “Availability” means when the user interface for the Service can be logged into.
Availability excludes any period of time that the Service cannot be logged into due to
(i) a failure between your computer(s) or system(s) and the Internet;
(ii) factors outside of Cynet’s reasonable control;
(iii) any action or inaction of you or a User; or (iv) scheduled maintenance periods and necessary but unscheduled emergency maintenance. - Approach to resilience
-
The Cynet 360 SaaS solution is deployed on the Amazon AWS IaaS.
We utilize various AWS services such as EC2, EBS, RDS, Backup and more, to ensure high availability and disaster recovery.
The System is deployed on multiple AWS Regions to ensure best performance for all customers.
At each region we deploy a scalable traffic router for best ingestion of all incoming traffic that is then directed to the relevant internal service for further analysis. - Outage reporting
- Dashboards, alerting and email alerts
Identity and authentication
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
RBAC with
2-factor authentication
Identity federation with existing provider (for example Google apps)
Username or password - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Devices users manage the service through
- Dedicated device on a segregated network (providers own provision)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Based on ISO 27001, ISO 27032, our security program includes all GRC aspects.
In addition Cynet is following NIST guidance and SSDLC
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Change request -> change approval chain -> approval -> test env implemention -> pre prod -> production
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Our infrastructure is located on AWS.
• Next generation firewall:
• We maintain and regularly audit security groups in AWS and make sure only relevant employees have access to the back-end infrastructure.
• All access to this environment is restricted to specific IP access, given only to the relevant employees and using multi factor authentication for each access.
• All access to this environment is logged and monitored by our company SOC 24/7.
• Data in motion – Cynet encrypts all data in motion.
• Data at rest – Cynet monitors all activities performed on data at rest. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- All our servers are protected by the Cynet360 agent and monitored 24/7 by our CyOps SOC team.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
The Cynet SOC is a 24/7/365 off-site secured location comprised of experiences security specialists. SOC personnel are trained to actively engage Customers whose Cynet 360 installation has detected a threat within The Customer’s organization.
Incidents can be reported either by email, through the Cynet UI or automated through the tool itself.
Incident reports can be requested by email or phone
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Third-party
- Third-party virtualisation provider
- AWS
- How shared infrastructure is kept separate
-
The Cynet 360 SaaS solution is deployed on the Amazon AWS IaaS.
We utilize various AWS services such as EC2, EBS, RDS, Backup and more, to ensure high availability and disaster recovery.
The System is deployed on multiple AWS Regions to ensure best performance for all customers.
At each region we deploy a scalable traffic router for best ingestion of all incoming traffic that is then directed to the relevant internal service for further analysis.
All data is kept in a dedicated schema per customer to ensure data isolation.
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- As per AWS Terms
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
Fighting climate change
Cynet is committed to reduce the environment impact that its business activities may have.
• Cynet uses as much as it can recyclable products.
• Cynet encourages greener transport by doing any of the following:
o Encourage staff to walk, cycle, car share or use public transport to get to work if possible.Tackling economic inequality
Cynet is doing its bit to support local communities.
• Sponsorship of or monetary donations to local charities.
• Staff participation in volunteering days.
• Supporting the surrounding community by employing local people.Equal opportunity
• Cynet is for diversity and equal employment opportunities. Cynet adheres to the Equal Opportunities legislation such as the Human Rights Act 2010, Modern Slavery Act 2015, Employment (Equal Opportunities) Law, 5748-1988 and the Equal Rights For Persons With Disabilities Law, 5758-1998.
• Cynet encourages its’s employees to invest in their health, and in the environment, by providing free of charge Pilates training, working from home at least 2 times per week, etc.
• Cynet’s wages exceed the National Minimum/ Living Wage, includes pension benefits, and healthcare plans*
• Cynet has a dedicated HR personal, which regularly conduct interviews with company’s employees to ensure their satisfaction.
• Cynet invests in the welfare of its employees by providing with leisure activities and rewarding work environment
Pricing
- Price
- £11 a licence
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
Risk score
Calculation of all the findings across the assessed environment
Active threats
Malware of various types, connection to phishing/malware distribution sites, etc
Industry comparison
Overall risk score of the assessed organization relative to its industry peers
Vulnerable systems and apps
Operating system and applications that miss critical security updates - Link to free trial
- https://go.cynet.com/free-threat-assessment