Tidal Cyber Launches Threat-Informed Defense Platform
Community Edition, the first of multiple Tidal offerings, enables security analysts to gain advanced knowledge of adversary behaviors
Washington, D.C. - August 10, 2022 - Tidal Cyber, a leader in threat-informed defense, has today announced the general availability of the Community Edition of their SaaS threat-informed defense platform. It is freely available at: www.tidalcyber.com/communityedition
The Tidal Platform enables businesses to assess, organize and optimize their cyber defenses based on a deep understanding of the threats and adversaries that are most relevant to them. Tidal’s Community Edition is available free of charge and enables security analysts to more easily and efficiently apply the advanced knowledge of adversary behaviors, as defined by the MITRE ATT&CK® knowledge base and additional open-source threat intelligence sources, to their unique environment. Beyond this, the platform also enables analysts to make this threat information actionable by showing how specific security products address adversary behaviors to better defend against those threats.
“Threat-informed cyber defense is based on understanding how adversaries are likely to attack your organization and using that knowledge to ensure you have the optimal security solutions in place,” said Richard Struse, Chief Technology Officer and Co-Founder of Tidal Cyber. “Our goal is to enable security teams to maintain a ‘single source of truth’ for all data regarding relevant threats and countermeasures. With the availability of Community Edition, organizations can now not only explore the extensive knowledge base of adversarial behaviors more efficiently, but also quickly research solutions available to defend against those threats.”
Specific features and highlights of Tidal’s Community Edition include:
- Advanced Adversary Behavior Search that enables security analysts to rapidly investigate relevant ATT&CK objects (e.g., tactics, techniques, sub-techniques, groups, software, data sources, references), as well as information on how to defend against those behaviors.
- Tidal’s Product Registry, a curated repository of vendor-provided security product capabilities mapped to specific adversary behaviors. The registry describes how each product protects against, detects, responds to, or tests ATT&CK techniques, as well as the data each product generates, mapped to ATT&CK Data Components. This allows defenders to see how their current security stack stands up to the adversary behaviors they care about and evaluate options to fill any gaps.
- Knowledge Base Labels which enable users to explore the relationships between the threat objects that are most relevant to their organization.
- Custom Technique Sets that allow defenders to group specific techniques and sub-techniques with custom labels, making it easy to track and communicate emulation plans and new threat research.
Solution providers whose product capabilities are available in Tidal’s Community Edition at launch include Atomic Red Team, AttackIQ, BreachBits, BluVector, Picus, Remediant, SCYTHE, Sysmon Modular, and Trinity Cyber. A number of other solution providers, including Check Point, Cybereason, SentinelOne, and Zscaler have also committed to joining the Product Registry, and their data will be integrated into the Community Edition shortly. Tidal will also be releasing frequent updates to the platform in which additional solution providers and new product features will be added.
“With the Tidal platform, my team will be much better equipped to understand the threats we face and answer questions such as: ‘which threats are most relevant to our business?’, ‘where are our gaps and redundancies?’ and ‘is a particular security solution going to improve our protection against those relevant threats?’,” said Patricia Titus, Chief Information Security Officer at Markel Corporation.
“Vulnerability management is important in cyber security. However, a defensive strategy driven primarily by vulnerability management doesn’t do enough to prioritize threats relative to the severity of risk posed to a specific organization, its unique threat surface, and its unique security stack,” said Patrick Donegan, Principal Analyst at HardenStance. “By enabling a threat-informed defense, Tidal Cyber makes it a lot easier for users to assess their specific cyber risk relative to the latest threat intel flagged up by the ATT&CK framework, identify capabilities and gaps in their own security controls for defending against the highest risk threats, and then configure those controls optimally for the most effective defense.”
The Community Edition is the first of multiple offerings of the Tidal Platform. Subsequent platform editions will be announced later this year and will feature expanded functionality such as the ability to overlay threat models against the security solutions in your environment to identify areas of coverage, gaps, and redundancy.
To stay up to date on all of the latest news surrounding Tidal Cyber, please visit: www.tidalcyber.com.
About Tidal Cyber:
Founded in January 2022 by a team of threat intelligence veterans with experience at MITRE, the U.S. Department of Homeland Security, and a wide range of innovative security providers, Tidal Cyber enables businesses to implement a threat-informed defense more easily and efficiently. The Tidal Platform helps our customers map the security capabilities of their unique environment against the industry’s most complete knowledge base of adversary tactics and techniques, including the MITRE ATT&CK® knowledge base, additional open-source threat intelligence sources, and a Tidal-curated registry of security product capabilities mapped to specific adversary techniques. The result is actionable insight to track and improve their defensive coverage, gaps, and overlaps. For more information, please visit: www.tidalcyber.com.