Many companies struggle to understand malicious activity and its effects while a security incident is in progress. That struggle eats up precious time and resources that defenders need to contain the attack and minimize damage. However, a new open-source tool built to increase visibility into the suspicious activities organizations detect aims to relieve this pain.
Detectree, developed by WithSecure (formerly known as F-Secure Business), is a detection visualization tool for cybersecurity defense teams (also known as blue teams). According to Tom Barrow, a senior threat hunter for WithSecure's managed detection and response service, WithSecure Countercept, finding the links between the suspicious events on an endpoint is paramount for responders.