Case Study: Large U.S. Software Service Company achieves rapid, cost-saving incident verification with Cybereason

Software Vendor Avoids Hiring an Expensive Incident Response Firm

Large U.S. Software Service Company received a government warning that its name had appeared in hacker forums and could be targeted for a DDoS attack, plus a list of 2,000 potentially malicious IP addresses. With a small security team and limited resources—facing the prospect of hiring an expensive incident response firm—the company engaged Cybereason and its endpoint detection platform and silent sensors to cost‑effectively verify whether an attack was underway.

Cybereason deployed sensors across 3,500 endpoints and servers within a day, providing immediate endpoint visibility and forensic context that showed the traffic to the flagged IPs was benign (originating from a signed, non‑compromised Chrome instance using legitimate credentials) and that there were no indicators of compromise. By using Cybereason, the Large U.S. Software Service Company avoided a potentially multi‑million‑dollar incident response engagement, resolved the alert internally, and confirmed its environment was clear.