New approach for real-time security incident response
NetCitadel announced a new analytics-driven, context aware approach for protecting enterprise networks from increasingly sophisticated security attacks and APTs.
The evolution and increased frequency of malware and APTs has reduced the effectiveness of traditional threat detection and enforcement solutions. With nearly 200,000 new malware samples appearing each day 1, new detection solutions have emerged to detect the new attacks, producing more threat events than can be evaluated or managed in a timely fashion.
To make matters worse, most organizations have only a handful of highly trained security analysts who are tasked with manually executing the all-important steps of investigating, verifying, prioritizing, and containing the detected threats. The result is that the gap between detection and response is getting wider.
NetCitadel is developing a threat management platform that addresses the security analysis and intelligence needs of today’s incident response teams. This analytics-driven approach adds context data to events generated by threat detection devices such as AMD systems and SIEM solutions to facilitate rapid and intelligent decisions.
The solution integrates with existing security devices, such as firewalls and web proxies, to deliver real-time responses to security events.
Without the proper context, it is almost impossible to prioritize events and make good security decisions. Unfortunately, many security teams are forced to collect critical context data using time-consuming manual processes.
According to Gartner, “Security platforms must become context-aware – identity, application, content, location, geolocation and so on – in order to make better information security decisions regarding advanced target attacks (ATAs).”
NetCitadel’s solution delivers the necessary context in an easy-to-use interface that enables security analysts to quickly verify which issues are real and which issues can be safely ignored.