NetCitadel, Inc., the pioneer in innovative threat management solutions, today announced a new analytics-driven, context-aware approach for protecting enterprise networks from increasingly sophisticated security attacks and Advanced Persistent Threats (APT).
The evolution and increased frequency of malware and APTs have reduced the effectiveness of traditional threat detection and enforcement solutions. With nearly 200,000 new malware samples appearing each day (Note 1), new detection solutions have emerged to detect the new attacks, producing more threat events than can be evaluated or managed in a timely fashion. To make matters worse, most organizations have only a handful of highly trained security analysts who are tasked with manually executing the all-important steps of investigating, verifying, prioritizing, and containing the detected threats. The result is that the gap between detection and response is getting wider.
NetCitadel is developing the first threat management platform of its kind, one that addresses the security analysis and intelligence needs of today’s incident response teams. This analytics-driven approach uniquely adds rich context data to events generated by threat detection devices such as Advanced Malware Detection (AMD) systems and Security Incident and Event Management (SIEM) solutions to facilitate rapid and intelligent decisions. In addition, NetCitadel’s solution integrates with existing security devices, such as firewalls and web proxies, to deliver real-time responses to security events.
“We have a rich mix of threat detection solutions to identify potential security events as they happen, but we quickly discovered that visibility was only half the battle,” said Kevin Moore, Director of Information Technology at Fenwick & West LLP. “Once an event has been detected, our team still has to spend precious time researching, verifying and prioritizing events before we can start responding to the threat. NetCitadel closes the gap between threat detection and rapid response by providing our team with deep contextual data for each incident, as well as supporting a variety of network enforcement options. It’s our Incident Response analyst ‘in a box.’”
Without the proper context, it is almost impossible to prioritize events and make good security decisions. Unfortunately, many security teams are forced to collect critical context data using time-consuming manual processes.
According to Gartner, “Security platforms must become context-aware - identity, application, content, location, geolocation and so on - in order to make better information security decisions regarding advanced target attacks (ATAs).” (Note 2)
NetCitadel’s solution delivers the necessary context in an easy-to-use interface that enables security analysts to quickly verify which issues are real and which issues can be safely ignored.
“Today’s enterprises require a new paradigm for responding to advanced malware and sophisticated cyber-attacks - what they need is the ability to understand context, quickly analyze the threat, and react in real-time,” said Mike Horn, NetCitadel co-founder and CEO. “NetCitadel uniquely enables organizations to significantly reduce the time and effort required to understand and contain detected threats, creating a highly adaptive environment that responds rapidly to new threats.”
Note 1: Kaspersky Lab, “Best Practices That Apply to All Technical Control Layers,” June 19, 2013.
Note 2: Gartner Inc., “Best Practices for Mitigating Advanced Persistent Threats,” by Lawrence Pingree, et al., September 12, 2013.
NetCitadel (netcitadel.com) was founded by a team of security, networking and virtualization veterans to revolutionize incident response by transforming modern security events into automated actionable intelligence. Headquartered in Mountain View, Calif., the company is venture-backed by NEA and other investors. For more information about NetCitadel and its solutions, call (650) 564-4285.
NetCitadel is a registered trademark of NetCitadel in the United States and other countries.