Threat Detection for Clouds and Datacenters

Threats are always evolving, you need to do better than just perimeter-level security. Cmd makes it easy to up-level protection inside mission-critical environments with better visibility, strong controls, and simple policies that keep data safe and stop breaches.

Trusted by Great Companies

# Inside your firewall, it’s the wild west

Production Linux environments are typically protected by VPNs, firewalls, WAFs, and all sorts of edge technologies. All too often, however, once you get inside the perimeter it’s the wild west. That’s why issues like lateral movement and privilege escalation can be so hard to spot – many companies just don’t have controls in place to enforce security policy after an attacker gets inside – or even the visibility to see it.

Cmd detects threats throughout Cloud and Production Linux

Monitor and authorize activity in real-time

Cmd gives you unparalleled visibility into user activity through live session views as well as historical audit logs stored centrally for easy search and access. Browsing sessions is like looking over the user’s shoulder – complete with command lines, output and error, file diffs, and system context at the time of command execution. You can also connect commands to Slack or Team to authorize login or command execution in real-time.

Detect and respond to anomalous behavior

Sometimes users do things in production they shouldn’t be doing, introducing operational risk to your mission-critical operation. Other times can be even scarier – hackers stealing credentials or escalating privileges to gain shell access deep inside your production environment. With Cmd you can spot anomalous user activity immediately through alerts that fire based on MITRE ATT&CK techniques as well as numerous other detection mechanisms, and shut down those sessions immediately.

Deploy everywhere, quickly and easily

Cmd runs directly on the hosts in your Production Linux environment to provide multiple layers of security that help you identify issues, see threats, and stop breaches. What makes Cmd so powerful is that it’s incredibly easy to set up and operate – so you can see what’s happening on your servers within minutes, and adapt quickly to the changing world and the threat landscape that comes with it.

Protect logins with 2FA

One of the quickest security wins you can achieve in your cloud or datacenter is deploying 2FA. Cmd makes this typically complex project very easy. Use the authenticators you have (Google Authenticator, Duo, Yubico, and more), and a simple policy in Cmd completes deployment everywhere without cumbersome user provisioning. Protect every instance, track every identity even for shared accounts and root users, and boost your security posture dramatically.

MONITORING

Monitor and authorize activity in real-time

Cmd gives you unparalleled visibility into user activity through live session views as well as historical audit logs stored centrally for easy search and access. Browsing sessions is like looking over the user’s shoulder – complete with command lines, output and error, file diffs, and system context at the time of command execution. You can also connect commands to Slack or Team to authorize login or command execution in real-time.

DETECTION

Detect and respond to anomalous behavior

Sometimes users do things in production they shouldn’t be doing, introducing operational risk to your mission-critical operation. Other times can be even scarier – hackers stealing credentials or escalating privileges to gain shell access deep inside your production environment. With Cmd you can spot anomalous user activity immediately through alerts that fire based on MITRE ATT&CK techniques as well as numerous other detection mechanisms, and shut down those sessions immediately.

PROVISIONING

Deploy everywhere, quickly and easily

Cmd runs directly on the hosts in your Production Linux environment to provide multiple layers of security that help you identify issues, see threats, and stop breaches. What makes Cmd so powerful is that it’s incredibly easy to set up and operate – so you can see what’s happening on your servers within minutes, and adapt quickly to the changing world and the threat landscape that comes with it.

2FA

Protect logins with 2FA

One of the quickest security wins you can achieve in your cloud or datacenter is deploying 2FA. Cmd makes this typically complex project very easy. Use the authenticators you have (Google Authenticator, Duo, Yubico, and more), and a simple policy in Cmd completes deployment everywhere without cumbersome user provisioning. Protect every instance, track every identity even for shared accounts and root users, and boost your security posture dramatically.

ARTICLES

Threat actors are adapting everyday

Attackers thrive on chaos, which is why security remains a critical function even in these chaotic times. Phishing attacks are focused on your cloud, leading to a need for better privileged access control. Meanwhile, algorithms trying to detect abnormal behavior using geolocation and time-of-day all need to be retooled, otherwise your SOC will be overwhelmed by alert fatigue. Cmd can help with all this.

WHITEPAPER + WEBCAST

Taming the Wild West

Lack of visibility and control inside the cloud or datacenter perimeter is not a new challenge. Check out this whitepaper, published by SANS, describing some of the core best practices that organizations must take to up-level security in Production Linux environments. Want to learn more? Listen to the author of this whitepaper, SANS instructor and security specialist Matt Bromiley discuss these topics on his recorded webcast.

Copy link
Powered by Social Snap