
Reining in out-of-control security alerts

Antone Gonsalves | May 15, 2014

Enterprises unable to process the flood of alerts received each day from security systems have several options available to regain control and improve network defenses, experts say.

Vendors such as Damballa, FireEye, Lastline and General Dynamics Fidelis Cybersecurity Solutions apply intelligence to outbound traffic to spot possible malware in the network.

"I call the posture assumed breach," Morales said. "Instead of trying to stop breaches, I try to stop data loss."

In general, the technology checks the IP addresses where data is heading and compares them to a continuously updated blacklist of known addresses used by cybercriminals.
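The destination check described above can be sketched as follows. This is an added example, not code from the article or from any vendor it names; the flow-record format, the internal range and the blocklist entries are constructed for illustration (documentation address ranges, not real indicators). Hits are grouped per internal host so one host produces one alert rather than one per flow.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: documentation ranges, not real indicators.
BLOCKLIST = ["203.0.113.0/24", "198.51.100.77"]
INTERNAL = ["10.0.0.0/8"]  # assumed internal address space

# Constructed outbound flow records: "timestamp src_ip dst_ip dst_port bytes".
FLOWS = """\
2014-05-15T09:00:01 10.0.4.17 203.0.113.9 443 5120
2014-05-15T09:00:02 10.0.4.17 192.0.2.10 80 880
2014-05-15T09:00:05 10.0.7.3 198.51.100.77 8080 20480
2014-05-15T09:00:09 10.0.4.17 203.0.113.9 443 7300
2014-05-15T09:00:11 10.0.7.3 10.0.1.5 445 1000
malformed line
"""

def load_networks(entries):
    """Parse single addresses and CIDR ranges into network objects."""
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def flag_outbound(flow_text, blocklist, internal):
    """Group flows to blocklisted destinations by internal source host."""
    hits = defaultdict(lambda: {"dsts": set(), "bytes": 0, "flows": 0})
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip records that do not match the assumed format
        _, src, dst, _, nbytes = parts
        try:
            dst_ip = ipaddress.ip_address(dst)
            sent = int(nbytes)
        except ValueError:
            continue  # skip unparseable addresses or byte counts
        if any(dst_ip in net for net in internal):
            continue  # traffic that stays inside the network is out of scope
        if any(dst_ip in net for net in blocklist):
            hits[src]["dsts"].add(dst)
            hits[src]["bytes"] += sent
            hits[src]["flows"] += 1
    return dict(hits)

if __name__ == "__main__":
    result = flag_outbound(FLOWS, load_networks(BLOCKLIST), load_networks(INTERNAL))
    for src, h in sorted(result.items()):
        print(f"{src}: {h['flows']} flows, {h['bytes']} bytes to {sorted(h['dsts'])}")
```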

The technology can also analyze packets to determine whether they contain characteristics indicative of malware.

Currently, these types of systems require a combination of hardware and management services provided by the vendor, Morales said.

As the technology matures, he expects more automation and less of a need for outside services.

"Right now, there's too much manual processing (of data)," Morales said.
