Co3 Systems Integrates Investigative Tools with Security Incident Response

Dramatically Reduces Time to Respond; Integrates Automated Threat Intelligence and Malware Diagnosis to Accelerate Visibility and Attack Context; Adds Predictive Tracking and Control

CAMBRIDGE, Mass. – July 30, 2013 – Co3 Systems, the  leader in Security Incident Response software, today announced a significant expansion of its Security Module with the ability to capture incident artifacts—such as malware samples or IP addresses—and automatically identify, correlate and diagnose them through leading threat intelligence services.  With additionnal security and usability enhancements, the new capabilities enable organizations to more closely track both the process and components of a security incident investigation and response.

The gap between breach discovery and containment continues to widen.  According to the 2013 Verizon Data Breach Investigations Report, in 66% of cases (up from 56% last year), breaches can remain undiscovered for years, and in 22% of cases, it takes months to fully contain an incident.  From understanding the point and methods of attack, to identifying asset impact, to coordinating notification and reporting, not only is time of the essence, but proper context is absolutely vital.

"At USA Funds, we pride ourselves on being highly informed and prepared to respond to any incident that represents a threat to our infrastructure and information," said Milan Tesanovich, director of information risk management for USA Funds, a nonprofit corporation that promotes college access and success. "However, the complexity of security and compliance can challenge even the most prepared organization. Co3's product is the only solution we found that can streamline and simplify the complexity; provide a multifaceted, coordinated, real-time response; and help us to continually improve the effectiveness of our overall security defenses. With Co3, we are responding to incidents in one-tenth the time it used to take."

Launched earlier this year, Co3 Systems' Security Module was the first solution to provide automated, single-pane incident management in a secure, isolated environment for general security incidents across the complete organization, including malware infections, Distributed Denial of Service attacks (DDoS) and Advanced Persistent Threats (APTs).  Expanding on the effectiveness, accuracy and consistency of the base platform, the new functionality includes:

Incident Artifact Capture:  Allows the specific attributes of an incident to be automatically integrated into the response management process for exact context.   Co3 supports artifact types including:  URLs, IP addresses, Malware hashes, DNS names, Log files, Emails and Malware samples.

Threat Intelligence Integration:  Automatically searches for and correlates artifact details and context with known active campaigns to identify potential actors, means, or attack methods.  Initial feeds supported by Co3 include:   iSIGHT Partners, AlienVault, and SANS.

Predictive Control:  More effectively aligns response process with specific business needs including an improved incident timeline with milestone tracking to measure organizational performance and an improved task burn-down chart to highlight problems before they occur.

Customizable Task Instances:  Allows organizations to easily tailor response plans to their unique requirements, transforming the basis for incident response from static binders to an always up-to-date, repeatable and expert system.

"Speed and accuracy are critical in incident response," said John Bruce, CEO at Co3 Systems. "So often organizations are acting with incomplete information or incorrect assumptions.  This severely impedes response activities or, in the worst case, can derail them outright.  With these new capabilities, we provide responders with the tools to target their investigations and quickly understand the exact context of an attack for faster and more capable response."

Pricing and Availability

The new features are accessible to Co3 Security Module customers at no additional cost. The Security Module is licensed annually by the number of seats and support is included in the annual subscription.

Total Security Incident Response

Co3's Privacy Module was the market's first daily use and preparedness tool for privacy incidents and is considered today as the industry standard.  It provides an easy, automated way to ensure consistency and accountability—across teams, organizations and external stakeholders— in managing incidents that concern Personally Identifiable Information (PII).   Co3's Security Module extends the capability to manage response to security events such as malware infections, phishing-related compromise, Distributed Denial of Service (DDoS) attacks, device or Intellectual Property theft and system intrusions. Together, the Modules provide the most comprehensive solution for end-to-end management of incident response planning, preparedness and execution.

Follow Co3 Systems: 

Co3 Systems Blog:


Events & Webinar Series:

Twitter: @co3sys 

About Co3 Systems: 

Headquartered in Cambridge, MA, Co3 Systems is an innovator in Security Incident Response solutions. The company’s SaaS-based offering enables organizations of all sizes to efficiently prepare for and rapidly manage the Incident Response Process for Security incidents or Privacy breach events. Companies using Co3 demonstrably minimize the costs resulting from incidents. With funding from Fairhaven Capital, the company’s executive team and advisors comprise security experts from world-leading security, software and service organizations. On the web at