Detect and respond: How organizations are fighting off targeted attacks faster

George V. Hulme | Nov. 21, 2013
With targeted attacks constantly finding new ways to break in, enterprises are seeking new ways to rapidly detect and respond to the rising threat

The promise was that NetCitadel would be able to integrate data from Moore's network and application firewalls, anti-malware, forensics, and other applications, and then alert and block attacks based on real-time data. "I would be able to, based on workflow and criteria that I define, identify an attack underway and stop certain activity, such as egress traffic to the IP address of the command and control server," Moore says.

"In this example, I've effectively stopped the threat from communicating out to its command and control server. This buys us time. We still need to be fast to respond, but we now have additional time, because we've cut it off," he says.

Yesterday, NetCitadel delivered its threat management platform, ThreatOptics, which, the company claims, incorporates data from anti-malware applications, forensics tools, application and network firewalls, and security event and information management systems. The platform can also use firewalls and web gateways to respond in real time to events.

"Good security today isn't reached with detection, it's also about swift response. The ability to capture and integrate data like this is critical to keeping systems and data secure," Moore says.

 
