Endpoint Security Series: Cynet

This week we’re going to be introducing an emerging endpoint solution company: CynetAlthough they haven’t been around as long as CrowdStrike and Palo Alto Networks, their value shouldn’t be overlooked. 

Cynet is the new company on the block in the EPP/EDR space. At barely five years old, Cynet has made a name for themselves very quickly. Cynet is unique in the tech startup world as they received their funding from a US hedge fund instead of a venture capital firm. This means that they are more focused on developing their company to prepare for an IPO instead of trying to sell their technology to a larger company like we’ve seen happen to other endpoint startups. Of the endpoint solutions we have covered so far, their Cynet 360 platform is the simplest to license as they only have one product SKU; there are no product tiers or optional add-on features. All of their features are included in a single product which can be deployed to thousands of endpoints in minutes. 

Cynet’s co-founders come from impressive security backgrounds. Eyal Gruner started his career at age 15 and has been recognized in Google’s security Hall of Fame. Netanel Amar came in with experience as a CTO at a leading Information Security company and held a position as CISO/Director of Information Security for Israel’s National Institute of Testing & Evaluation. They helped build Cynet 360 from the ground up so they didn’t have to grow their feature set through legacy products or acquisitions. This is in stark contrast to Palo Alto Networks and CrowdStrike who have been aggressively expanding via acquisitions and relying on their own legacy code to build a next generation endpoint security product. Cynet chose this strategy partially due to the complexity of trying to integrate acquired technology into an existing product suite which can create UI inconsistencies, missing functionality, or simply too many disparate modules and optional plugins.  

Cynet’s goal is to provide the widest possible attack-vector coverage inside a single client. So far they have done an excellent job with their primary focus on non-mobile devices. Cynet’s interface is my personal favorite of the group as information is presented in a manner that makes it easy to see a general current risk status, as well as drill down and understand the entire attack chain and remediation steps. The built-in remediation actions can be used against endpoints, firewalls, AD, etc. Ideally this allows you to free up cycles on your security teams or help smaller security teams to provide enhanced network and endpoint security than they normally would have the time for.   

The Cynet 360 platform includes Next Generation AV, Endpoint Detection and Response (EDR), User Behavioral Analysis, Network Traffic Analysis, and deception tactics to identify and remediate security incidents. The deception features can deploy decoy files, services, file shares, and servers in your environment that only an attacker will have access to. These decoys are used to help identify attempted lateral movement through your network.  

Cynet also has a 24/7 Managed Detection and Response Team that continuously analyzes alerts, attack reports, and provides threat hunting to create automated response playbooks and bolster detection capabilities. They will notify customers of critical events in their environment and are available for incident response guidance. Cynet’s automated remediation is achieved through custom playbooks that can have pre-programed attack responses. 

While Cynet is still relatively new in the marketplace they have quickly developed a mature product that stands out in the crowd for its design, ease of use, and single product SKU that includes all available features. Cynet deserves to be in the discussion when looking into any EPP or EDR solution.

We have two more parts left in our endpoint security series so be sure not to miss them. Next, we'll be discussing another emerging technology, SentinelOne. Although it’s also a newer solution, it provides comprehensive threat protection with considerable features.  

About the Author: These posts are written by Jeff Schaefer, a Security Engineer at Vandis with extensive experience in endpoint security. Jeff has been in the IT industry for almost 20 years, familiarizing himself in all areas of infrastructure before focusing on security solutions.  Recently, Jeff has spent a great deal of time talking with technology manufacturers and doing independent research to give effective guidance to organizations around endpoint security strategies and initiatives.