Accenture and Endgame Inc. have created a threat hunting as-a-Service offering for clients. Powered by Endgame and operated by Accenture senior cybersecurity hunters, the powerful service stealthily helps to identify and surgically remove known and never-before-seen adversaries that have evaded traditional security methods.
Core to the offering are Accenture’s seasoned global cybersecurity hunters, whose deep experience enables them to identify and terminate the efforts of latent attackers targeting organizations’ intellectual property, business systems or other key assets. Clients can benefit from continuous business operation, free from disruption faced by users of traditional security approaches, who are typically under siege for months as they try to identify and remediate sophisticated adversaries.
"Today, cyber attackers can circumvent even the most fortified of traditional enterprise defense systems," said Vikram Desai, managing director, Accenture Analytics – Security Lead. "Rather than building a taller defensive wall, we’re giving our clients the ability to strike first – to stop adversaries before they attack. Delivering this capability requires two fundamental elements: battle-tested experience outmaneuvering enemies and specialized technology that gives you an unfair advantage. With Endgame, this is exactly what our hunting as-a-Service offering delivers. Armed with it, our clients spend less time dealing with threats and more time on innovation and growth."
"Attackers are winning far too often," said Nate Fick, CEO of Endgame. "We need to compress adversary dwell time by vigorously hunting across the enterprise architecture and terminating malicious behavior before it can get too far. Endgame and Accenture’s joint solution combines state-of-the-art technology with top-notch talent in order to deliver an always on, end-to-end hunt solution that simply outsmarts traditional Indicators of Compromise (IOC) and signature-based tools."
The managed threat hunting as-a-Service consists of:
- Continuous endpoint monitoring and reporting for targeted attacks that have bypassed defensive security technologies.
- Ability to expose and eliminate active and dormant adversaries that have infiltrated networks, followed by a precise response without disrupting normal business operations.
- An actionable list of vulnerabilities and procedures to remediate and prevent future attacks, reducing the cost and impact of incident response.
"The ability of cybercriminals to sneak past even the most fortified defense systems has intensified the pressure on organizations to develop better threat detection capabilities," said Zeus Kerravala, founder and principal analyst with ZK Research. "Rather than waiting for a cyberattack to happen, enterprises need to arm their people with skills and technologies to help them generate actionable intelligence and hunt effectively. That’s why the Accenture and Endgame threat hunting as-a-Service offering is an industry game changer. Drawing upon Accenture’s deep bench of skilled security professionals and combined with Endgame’s platform, it will enable the early detection and removal of malicious activity."
"As attacks have become more advanced, enterprises can no longer sit back and wait for threat data to come to them," said Ryan Gurr, Information Security Manager at NuScale Power. "The next generation of security challenges requires a more proactive approach to detect and respond to threats that have evaded defensive technologies. I have found Endgame’s Hunt platform helpful in allowing an analyst to quickly detect never-before-visible malicious behaviors on host systems, and block and remove threats at the earliest stages."
In March 2016, Accenture announced an alliance with and minority investment in Endgame to resell the company’s hunt platform as part of its portfolio of holistic cyber defense services that include strategy, transformation, managed security services, the Accenture Cyber Intelligence Platform, automated threat intelligence, monitoring, advanced analytics and real-world adversary simulations, as well as incident response and remediation.