Securonix, Inc., a leader in next-gen SIEM, today announced the launch of its network traffic analysis (NTA) product that will provide bundled Corelight network sensors and use case content. Securonix NTA will be an integral part of the Securonix SIEM product, enabling customers to deploy a single solution that correlates network traffic, security events, and entity context to detect and respond to the most advanced insider and cyber threats.
Customers today are struggling to detect the sophisticated slow and low attacks which require monitoring a blend of network traffic activity, user actions, and system behaviour patterns. Stand-alone network traffic analysis tools can monitor traffic and detect network traffic anomalies, however, such anomalies without the user and system context are less actionable and can add to the noise. Traditional SIEM solutions, have the same problem – unless they are ingesting network traffic metadata, they lack the context to differentiate real threats from bad hygiene user activities.
With Securonix NTA, the Securonix SIEM platform now provides customers a single platform that monitors and correlates network traffic events, security events, and user activities (with built in UEBA) to detect the most advanced threats. The solution uses the MITRE ATT&CK framework to help incident responders organise the indicators of compromise (IOCs) from NTA, SIEM, and UEBA and to help them break or interrupt an attacker’s kill chain, and to surface the highest risk threats to their environment.
“Cyber threats continue to become more advanced and complex every day. Looking at user activity, security logs, and network events in silos may result in advanced threats going undetected,” said Nitin Agale, SVP of strategy and marketing at Securonix. “By combining SIEM, UEBA, NTA and SOAR funct ..
Support the originator by clicking the read the rest link below.
