Celerium, a cybersecurity provider, has unwrapped Compromise Defender, a solution it’s positioning as an early detector and defender of compromise activity that is often a precursor to a network attack.
Removing the Cl0p/MOVEit Ransomware Threat
The tool, which is part of Celerium’s Cyber Defense Network, leverages technology from Dark Cubed, acquired by Celerium in September 2022 and used by the U.S. government for more than four years, the company said. It is currently being piloted with several government and commercial organizations.
An additional and timely capability is that the system can rapidly respond to the recent Cl0p/MOVEit ransomware threat. Compromise Defender integrated more than 1,500 indicators of compromise (IOCs) provided by the Cyber and Infrastructure Security Agency (CISA) and other organizations to deliver prompt and efficient protection for organizations in the pilot.
Several organizations observed reconnaissance activity associated with MOVEit infrastructure, and Compromise Defender blocked that activity, Celerium said.
Tommy McDowell, Celerium general manager, touted the technology’s ability to detect threats and launch an effective defense.
"Beyond Cl0p/MOVEit and other current threats, Compromise Defender is primed to protect organizations from future attacks, malware campaigns, and phishing attacks, including those that ChatGPT and other AI-enabled technologies and threat actors automatically generate.”
A Closer Look at Compromise Defender
Here are some of Compromise Defender’s key features:
- 30-minute non-intrusive implementation, without any hardware or software to install
- Secure connectivity between an organization's perimeter firewalls to Celerium's Decision Engine hosted on the AWS cloud
- 100% automated, eliminating the need for integration with SIEM or IT security stack solutions
- Autonomous operation, requiring no IT staff for day-to-day management
- Real-time automated defense mechanisms to block network threats and compromise activity. The real-time mechanism re-optimizes network defense measures every 15 minutes
- Integrated automated analysis and reporting platforms show compromise activity (of reconnaissance, C2 server activity, malicious port activity) in the Compromise Defender portal
- Configurable support for a community of individual organizations