Skip to main content
Tech Updates

CypeerPOT: the new feature of CYBEROO MDR

13 September 2024September 20th, 20243 min read

In recent months, we have released a new module for the MDR Cypeer: CypeerPOT. This new functionality further enriches the capabilities of our Managed Detection and Response (MDR), offering an advanced way to identify ongoing attacks within customers’ logical infrastructure. In this article we delve into how it works and the benefits of this new module.

What is CypeerPOT?

CypeerPOT is designed to act as a ‘canary’ within the corporate network. Presenting itself as an ordinary server, CypeerPOT waits for an attacker to attempt to breach the system or perform unauthorised activity on any services that are, purposely, exposed and made available. This proactive approach makes it possible to quickly identify threats and respond efficiently to mitigate them.

In addition, the detection methodology adopted by CypeerPOT puts the Cypeer Solution in a position to identify even those types of sophisticated attacks that do not generate overtly malicious evidence, but ‘move’ within the customer’s network, emulating legitimate behaviour.

However, even in this case, CypeerPOT is able to readily identify the threat posed by such activities as not being in line with the expected behaviour of any legitimate network user.

How works CypeerPOT?

  1. Exposure on the network: CypeerPOT presents itself as a normal server within the company’s network, making itself a tempting victim for attackers.
  2. Activity detection: when an attacker attempts to interact with CypeerPOT, the system records all activity, identifying the source and nature of the attack or abnormal behaviour.
  3. Immediate reporting: if suspicious activity is detected, CypeerPOT immediately sends a high risk alert to our I-SOC (Intelligent Security Operations Center).
  4. I-SOC intervention: upon receipt of the alert, the I-SOC team promptly takes action to prepare mitigation of the threat, protecting the customer’s infrastructure.

Benefits of CypeerPOT

  • Proactive Detection: identifies attacks before they can cause significant damage, even in the very early stages of ‘discovery’ of possible targets by the attacker.
  • Detailed Analysis: provides precise information on the origin and nature of threats.
  • Rapid response: the I-SOC takes immediate action to contain and mitigate threats, ensuring the continuous security of the infrastructure.

High level of security

With the introduction of CypeerPOT, CYBEROO continues to innovate and enhance the capabilities of the Cypeer MDR. This new feature not only strengthens the security of the corporate network, but also offers a higher level of protection against advanced threats.

For more information on CypeerPOT and how to integrate this functionality into your infrastructure, please contact us.