LMNTRIX: Security Done Different

I usually write about general cybersecurity issues and insights, but today I want to share what I am up to with my team at LMNTRIX since I’ve been asked about what we are doing a lot lately.  

It probably won’t surprise you to learn that most existing cybersecurity isn’t up to snuff.  The news is constantly reporting massive data breaches from the largest, “best protected” organizations such as Yahoo, Adobe, JP Morgan Chase, and even the US military.  These organizations boasted cutting-edge, top-dollar SOCs, SIEMs, EDRs, sandboxes, firewalls – the whole lot.

Their security just wasn’t good enough.  

This reality is what drives us.  LMNTRIX has reimagined cybersecurity, turning the tables in favor of the defenders once again.  We have cut out the bloat of SIEM alerts and log analysis, and we created new methods for confounding even the most advanced hackers. Our methods are complementary to those already practiced by your internal SOC or MSSP.

Here’s what LMNTRIX does different in a little more detail.

Validated Architecture

We stipulate a validated and integrated architecture that requires clients to hand us a clean network. That means at the very least a client needs to have firewall, IPS, web and email security gateways in place at their Internet perimeter – in blocking mode, cleaning their network. 

Technology Stack

We deploy our own technology stack that is made up of commercial, open source and proprietary solutions to help us detect advanced threats that bypass your perimeter controls. We do not rely on client-owned detection solutions (such as IPS) as these are generally poorly configured and badly tuned (adding to the high false positive and false negative rates).

No Alert Fatigue

Most SIEMs, even the properly configured ones, send far too many threat alerts.  Every cursory, nonthreatening scan of your network can trigger another alert, creating noise behind which real threats can hide.  The sheer number of notifications makes it unfeasible to keep up with every SIEM alert, and when an organization cannot investigate every alert, its network security is compromised.  It becomes impossible to tell which alerts correspond to real threats and which are the result of an overactive SIEM, which overworks your security analysts and compromises your security.

When you get a notification from LMNTRIX, you know it’s serious.  We don’t contact our customers often, but when we do, it is to notify them of a real threat.

Breach Validation

If it appears your network has been compromised, LMNTRIX will investigate for you, CSI-style.  Most security packages will only alert you to the possibility of a breach, leaving the investigation up to the organization. 

Imagine getting a call from the police, saying they suspect an intruder is in your home, but you’ll have to take it from there.  This would be a terrible police department, and you’d probably feel at a loss about how to handle the intruder yourself.  It might even make you question the purpose of having a police department which won’t actually do anything to help you.  A network security package which doesn’t include breach validation is just like that hypothetical police department: shockingly ineffective, nearly useless, and not who you want to help you.

Here at LMNTRIX, we don’t deal in maybes.  When you hear from us, it’ll be a yes or a no, along with the next steps to secure your network once again.  By validating breaches, we reduce escalations and false positives by 95%.

Reclaim Your Fortress

Network security has become hopelessly turned around.  Companies become trapped within their own networks, desperately battling back cyberattackers like medieval knights kicking ladders from their castle walls.  This is not how it should be.  Your network should be your territory, your safe zone.  No outsider should be able to hold you and your data hostage inside your own network.  It should be the attackers who are on high alert once they breach your network.  Imagine an invader breaking into a castle, only to find a large feast piled in the dining hall in his honor.  Now the attacker is wary, confused, unsure what to do next…

With LMNTRIX, any attacker inside your network will quickly become disoriented, not sure what is real and what is a decoy.  They will follow file paths down false trails, connect to virtual devices designed to trap them, and constantly run the risk of setting off alarms.  LMNTRIX also monitors each endpoint of each client’s network 24x7, and our approach allows for the immediate containment of any detected threat.  When an attacker is detected, your personal, designated LMNTRIX security analyst will initiate a response plan tailored to your unique network environment, and expert incident responders can be quickly engaged to remediate damages and assess potential business impacts.  

Record Your Network

It should be clear by now that logs alone don’t give us the evidence we need once a breach has occurred. 

We all know that a breach is just a matter of time. When the inevitable happens, the evidence should tell us how they got in, what they did on your network, if they cleared their tracks, what tools they used, and if any backdoors were established for persistence. 

With LMNTRIX, we are like the DVR for your network. Our technology gives your network photographic memory. Full-fidelity packet capture, which is optimized and stored for up to a year, means you will know with absolute certainty if events have impacted your environment. Our platform also detects threats in real time and automatically replays stored packets to discover previously unknown threats through the correlation of proprietary research intelligence, machine learning, flow-based traffic algorithms and multiple third-party threat intelligence feeds.

Automated Hunting – Both Inside & Outside 

The most advanced malicious activity will not be identified by traditional alerting mechanisms – this is where proactive hunting methods will uncover threats that standard perimeter defenses are blind to. Our service includes proactive network and endpoint threat hunting. We have spent over a year automating this process so you don’t have to. All activities are documented and updated as malicious campaigns evolve.

It’s not enough to know what's happening on the inside of your network; you need to have someone who has your back on the outside too. After all, when hackers steal data, it almost always finds its way to an online black market – the deep and dark web, the back alley of the cyberworld where illegally obtained data is bought and sold.

LMNTRIX shines a light on the deep and dark web by using our intelligence, knowledge and proprietary techniques to your advantage. Whether an attacker has stolen your data and is looking to sell it online or someone is planning to breach your organization and is seeking advice on how to do so, we can use the attacker’s platforms against them so you can be certain of your defenses.

LMNTRIX proprietary technology detects these and other cyberthreats in the deep and dark web by aggregating unique cyber intelligence from multiple sources. We tirelessly analyze cyberthreats that could threaten your organization and then prioritize and enable remediation. We ensure you are never left in the dark. It is the real-world proof that you are cybersecure, and the real-world defense approach that keeps you that way.

By deploying all these security tools, LMNTRIX keeps hackers away from your secure, sensitive information and rapidly reclaims your fortress.

LMNTRIX offers so much more than is possible for any SOC, MSSP, SIEM or perimeter control.  As the security game advances, prevention-based security is hopelessly insufficient and outclassed.  We know attackers have become more advanced, and we know that even the most expensive traditional security packages have consistently failed to protect organizations.  LMNTRIX is making the push into next-generation security, bypassing multi-million-dollar SOCs and SIEMs in effectiveness and countering even the most advanced threats.

If this sounds good to you, we’re happy to be in touch.  You can contact us through our website.

Want to know more about next-generation security?  Head over to The Three Pillars of Cybersecurity to learn more.

 


On 2017-06-06
