A Platform for Management

Clearly understand where your risks lie

Cyber attacks are now a certainty. Most organisations, however, struggle to understand their current exposure, and CISOs find it difficult to explain this to non-security specialists in their management team.

Medulla provides an intuitive, clear and prioritised way of understanding which assets are under the highest threat and helps communicate this in simple, human terms. Attention is immediately drawn towards escalating threats to the business-critical assets. This visibility is essential to managing cyber risk effectively and reduces impact across the organisation.


Know whether your defences are working

Organisations invest an increasing amount in cyber defences. It is not always clear if these controls are working and whether they are effective in reducing the cyber risk to that part of the technology estate.

Medulla allows management to evaluate whether controls are effective in reducing cyber risk. Easy-to-understand cyber risk metrics for every asset and for the whole system are quantified, tracked and reported in real time. These metrics are underpinned by evidence on which assets are experiencing the most suspicious activity, whether these are entry points, staging posts or high-value targets.

Make confident decisions on security investment

While cyber security is critical, organisations do not have infinite resources. Focusing too much on one area could leave a gaping hole in another. A risk-based approach to investment in security capability is the only sustainable way. Cyber risk is simply another business risk that needs to be understood, tracked and mitigated as it arises and shifts.

Medulla delivers the evidence to support decisions on where to strengthen your security posture. CISOs can easily generate a report with critical metrics to measure cyber resilience and how that is changing over time. This focuses boardroom discussions and prioritises investment towards the assets at highest risk of compromise.

A Platform for Security Operations

Actionable early warning of risk

Security operations want to shift towards a proactive security posture. Analysts want to take preventative action to interrupt the attacker before they reach their attempted targets. But rule-based detection systems need complete signatures to trigger alerts, often too late. On the other hand, most AI or ML detection tools escalate abnormal behaviour without context, create too much noise and drown operations.

More alerts are not the same as better alerts. Medulla applies your unique profile and policies to our algorithms to ensure the right prioritisation for your organisation and context. This is optimised to provide actionable early warning of attack activity in real time, particularly slow-moving, advanced, persistent attacks. Medulla speeds up decision-making through prioritised intelligence, personalised filters, thresholds and watchlists. Ultimately, this enables quicker time to resolution, minimising the impact.

Rapid understanding of attack trail

It is not enough to simply flag up a possible attack. To take action, it is critical to rapidly understand the trail of evidence and 'validity' of a warning in simple, human logic. Machine learning can be a real boost, but humans remain the ultimate custodians of your organisation’s security management.

Traceability speeds up action. Medulla’s underpinning analytics applies fully retraceable logic. Advanced attackers are typically “low and slow”, stealthily building up an attack trail. Medulla accelerates the security analyst’s ability to unpick the attack trail behind the early warning. The powerful interface directs the analyst towards the most suspicious activity within nodes and across peer groups or subsystems of assets. This speeds up decision-making on early intervention.

Easily integrated into existing workflow

Security technology can be expensive to operate. This is easily overlooked, as the operating expenditure is often hidden, inadequately tracked and poorly understood. And yet, the vast majority of security technologies are not well-integrated. These tools are designed as boxes with “hard edges” for stovepiped operations.

Good integration reduces operating expenditure. Medulla is designed to be easily integrated. Open APIs have been developed for widely used Security Incident and Event Management (SIEM), threat intelligence and vulnerability assessment technologies. Medulla can be configured to trigger alerts in most common messaging services, or integrated into common ticketing systems and fed directly into your existing incident management workflow. The platform is designed to focus and prioritise, with minimum disruption to existing security operations.

