SightGain was founded with a single purpose — to give organizations a clear picture of how prepared their cyber defenses really are to withstand a cyberattack. To do so, we went back to the basics to figure out why cybersecurity investments are falling short. We’ve all seen time and again that compliance checklists and patching regimes aren’t cutting it. There’s a missing piece to the equation. SightGain stepped in to solve it by reframing cybersecurity thinking around the concept of cyber readiness.
Now, we’re excited to announce that SightGain’s Readiness Platform is significantly upgraded and better than ever. We redesigned the platform interface to improve the user experience and added in key new capabilities that will allow you to measure the performance of your organization’s people, processes, and technology against real cyber threats.
Here’s what’s new.
Based on customer feedback from our first version, we built SightGain Version 2.0 to make increasing your readiness even more intuitive. We added in the most requested features and organized the platform’s capabilities into three logical modules: SOC Validation, Training, and Risk. Each module addresses an important element of building, tracking, and increasing cyber readiness.
The SOC Validation feature continuously tests production security technologies, processes, and analysts’ ability to detect and respond to real threats. The module then displays that data in easy-to-read dashboards that allow you to understand what is happening in your SOC and how you can improve performance.
SightGain digs deep into the performance of the system and provides robust SOC Performance Analytics to understand and improve how well your SOC is identifying attacks. This includes empirical data about the function and efficiency of all aspects of your SOC, including both detection and response. The analytics give you the knowledge and clarity to make decisions with confidence and optimize your security operations.
SOC Performance Analytics includes information about what is being done manually, and what is being done through automation. They give you the visibility and data you need to optimize the SIEM, personnel, and operations that form the hub of your security system.
New to Version 2.0 is SightGain’s SIEM Signal to Noise ratio. It helps you assess the core of your SOC’s central nervous system. It lets you know how well alerts actually correlate to security incidents and helps you ask the right questions and provides concrete recommendations to prevent more attacks and reduce alert fatigue.
SightGain improves personnel performance by giving you the tools to assess their response to live-fire tests and assign training based on real gaps in the SOC. Like our original innovation, this training occurs in the production environment where performance really matters. The training module in SightGain Version 2.0 is even better. Version 2.0 maps the latest attacks to frameworks such as MITRE ATT&CK and National Initiative for Cybersecurity Education (NICE), and allows you to choose and assign relevant training curriculums to your SOC analysts.
The new Curriculum function guides analysts of all experience levels through realistic scenarios. SOC leaders have the flexibility to assign proper training exercises to new, experienced, and advanced analysts, based on their experience and their expected tasks. students can see their assignments and their progress through each course. Training includes both guided training and live-fire exercises that teach them how to apply their knowledge to real attacks using the same equipment they use every day in production.
SightGain keeps analysts engaged in their training through gamification. Analysts can track their progress and earn experience points and badges as evidence of their achievements as they train.
In addition to making training accessible for all analysts, the platform also gives managers unmatched visibility into how their analysts are progressing. SOC leaders no longer have to guess what training their analysts have completed, how well they are performing, and what topics they have completed or failed. They get better visibility than ever into what analysts are actually learning, understand what performance gaps remain in SOC personnel, and identify the root cause of those gaps.
The Risk Assessment Module in SightGain 2.0 uses empirical results of system performance against leading threats to build a comprehensive risk profile. This approach gives you the highest quality risk metrics in the industry because they are based on actual performance. It gives you the information you need to assess the performance of your technologies, processes, and people, and make improvements that reduce real risk. And, with a robust API, it makes automated reporting of risk and compliance data easy no matter which reporting platform you use.
In a holistic sense, instead of merely estimating business risk based on complicated mathematical models and expert opinions, it determines business risk based on empirical performance data gathered from actual SOC performance. It provides that information as accessible dashboards, allowing you to understand the risk and make well-informed decisions across your entire SOC.
SightGain shows you the ROI and cost-benefit balances of technologies in place. They help you quantify your technology’s current ability to reduce risk, as well as its maximum potential. This equips you to identify well-performing, underperforming, and redundant technologies. You have the insights you need to make confident decisions
In addition to technical performance, Sightgain 2.0’s Risk Assessment module also allows you to identify how well personnel are responding to threats, and identify places where you can reduce the risk associated with personnel gaps. Between this facet of the Risk module and the training module, SightGain Version 2.0 equips you with the data you need to make the most of your personnel.
The risk module also helps you track your compliance progress. It automatically tracks compliance across leading frameworks like CMMC, MITRE ATT&CK, NIST 800-171, NIST 800-53. The module also offers native integration with the new MITRE D3FEND model. These features allow you to reach compliance goals alongside increasing your readiness.
With SightGain Readiness Platform 2.0, it has never been easier or more intuitive to incorporate cyber readiness into your SOC. With SOC Validation, Training, and Risk modules, Version 2.0 gives you all the tools you need to assess how your technology, processes, and people are working. It lets you perform live-fire training to improve analysts’ skills for responding to real threats on your production SOC equipment. It presents the analytics you need to identify what is working in your SOC. And it gives you a clear view of your real risk.