Detection | Morphick Cyber Security
Morphick Detection

Detection

There is no silver bullet for detecting attacks.

Attackers constantly change their attacks in order to avoid detection.  Defenses need to be dynamic enough to keep pace.  This is why Morphick’s Managed Detection and Response Service utilizes Dynamic Detection capabilities.  Various detection methods are effective based on what you are trying to catch.  At Morphick, it isn’t about having the best single detection methodology as much as it is about having a complete toolbox whereby we have the right capability at the right time.

Detection Includes:

Signature

Does this match a pattern that I know is bad?

  • Bro, SNORT, YARA, Hashing, blacklists, etc.
  • Strong detection for known threats
  • Strong detection for numerous attack techniques

Reputation

Has anyone else seen this before and what do they say about it?

  • Strong detection for known threats
  • Additional context for analysis

Behavior

Does this behave in a suspicious manner?

  • Strong detection for previously unknown threats
  • Strong detection for numerous attack techniques

Analytics

Is there something anomalous happening?

  • Strong detection for previously unknown threats.
  • Strong detection of anomalous activity.

Not only do we have a complete set of detection capabilities, Morphick’s Managed Detection and Response Service also leverages these detection methods to obtain synergies across all of them.  For example, as attackers try to evade behavior-based detection, they often stand out to signature-based detection.  By leveraging multiple detection methods, Morphick is able to continually detect and track attackers as they attempt to avoid detection.