Gigamon's new ThreatINSIGHT release offers teams visibility into historical netw...
source link: https://siliconangle.com/2022/02/09/gigamons-new-threatinsight-release-offers-teams-visibility-historical-network-data/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Gigamon's new ThreatINSIGHT release offers teams visibility into historical network data
Cloud visibility and analytics company Gigamon Inc. today announced a new release of its network detection and response solution.
The latest release of ThreatINSIGHT Guided-SaaS NDR offers teams visibility into historical network data and the tools to use that data to identify adversary activity across the MITRE ATT&CK framework.
Gigamon noted that the average adversary dwell time is now more than 285 days, giving adversaries the opportunity to find and breach an organization’s most sensitive data and intellectual property, aiming to hold it for ransom. The company argues that other NDR solutions typically provide 30-day data retention, missing these “low and slow” threats.
The new version of Gigamon ThreatINSIGHT is said to be the only NDR to address extended dwell times with 365-day retention of rich network metadata. The use of long data retention enables more proactive threat hunting, lessening the pressure of ransomware, advanced persistent threats and cybercrime that results in 70% of security operations center teams reporting burnout.
Gigamon says ThreatINSIGHT Guided-SaaS NDR equips security teams with ten times longer data retention than other NDR offerings on the market, enabling better threat hunting, including extended detection and response programs. SOC analysts can also respond with immediate validation on whether newly reported vulnerabilities have been exploited in the past.
The new release includes guided playbooks that are designed to empower investigators to identify attackers based on real-world behaviors – all within a few mouse clicks and guided by battle-tested playbooks.
Gigamon ThreatINSIGHT Guided-SaaS NDR includes support for parallel hunting, which allows SOC teams to coordinate faster with more effective threat hunting efforts across the globe via parallel queries and investigations. When combined with guided playbooks, the company says, SOC teams can rapidly leverage their institutional knowledge to stay ahead of attackers.
Extended reporting with 90-day at-a-glance dashboards assists organizations who are required to comply with reporting mandates following data breaches. A lack of historic network visibility can impede compliance, digital forensics and audit efforts across the organization. ThreatINSIGHT provides a 90-day dashboard to support compliance needs by offering organizations unparalleled visibility into their networks, according to Gigamon.
“Every new data breach, insider threat and ransomware attack underscores the need for high-fidelity detections that are as effective as adversaries are persistent,” Michael Dickman, chief product officer at Gigamon, said in a statement.
Image: Gigamon
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
Join Our Community
Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.
Click here to join the free and open Startup Showcase event.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK