NetCitadel, Inc., the pioneer in innovative threat management solutions, today announced that it surrounds detected threats with context and intelligence and can automatically contain them in real-time. These capabilities dramatically reduce incident response times to Advanced Persistent Threats (APTs) and targeted malware attacks. As a result, NetCitadel enhances security analysts’ ability to respond to high volumes of security alerts and helps organizations avoid high-profile breaches, which can lead to significant financial, legal, and reputation damage.
Last week, it was widely publicized that Target Stores did not realize the severity of malware on its networks despite having implemented advanced malware detection tools from FireEye™ and others. It was revealed that on at least two separate occasions FireEye systems detected the presence of malware and raised alerts, but it appears there was a lack of response by the IT security team. This is not uncommon, as advanced detection tools can generate unmanageable volumes of security alerts, making it difficult for Incident Response teams to verify, prioritize, and respond to the most urgent threats in a timely manner.
The cost of missing even a single critical alert can be very high. In Target’s case, hackers not only stole 40 million credit cards but also breached database records with personal data of at least 70 million customers, including names, mailing addresses, telephone numbers and email addresses.
“From all reports, it seems that FireEye did its job, but Target’s Incident Response professionals were probably too busy chasing down other alerts,” said Theron Tock, NetCitadel co-founder and CTO. “They could have easily stopped the attack if they had just acted on these early warnings and knew the severity of the threat. The challenge of prioritizing alerts is not isolated to big retailers like Target; many smaller organizations struggle with gathering the critical context needed to enable security analysts to quickly verify which issues are real and which issues can safely be deprioritized. NetCitadel ThreatOptics™ solves the industry’s security alert overload problem by automatically surrounding alerts with meaningful context, as well as providing automated ‘lock-down’ capabilities to contain detected threats immediately.”
About NetCitadel ThreatOptics
NetCitadel ThreatOptics is the first threat management platform of its kind, addressing the analysis, intelligence, and enforcement needs of today’s Incident Response teams. ThreatOptics automatically investigates, prioritizes, mitigates, and contains threats reported by devices such as FireEye, Palo Alto Networks, and HP ArcSight. Out of the box, ThreatOptics integrates with existing security enforcement devices, such as firewalls and web proxies, to deliver real-time responses to security events. By using ThreatOptics, organizations can dramatically reduce the time it takes to respond to security events by enabling either a fully automated or semi-automated response. ThreatOptics uses patent-pending security intelligence systems to help enterprises determine the severity of a security event as well as the appropriate response to that event.
NetCitadel (netcitadel.com) is the pioneer in innovative security threat management. Recognizing the dramatic growth in cyber-attacks and the increase in targeted attacks using Advanced Persistent Threats (APTs), the company is addressing the need to operationalize the overwhelming volume of security data and turn security data into actionable intelligence. Its threat management platform, ThreatOptics, leverages patent-pending technology to connect existing network security devices with real-time security event information to proactively update enforcement infrastructure instantly. Headquartered in Mountain View, Calif., the company is venture backed by NEA and other investors. For more information about NetCitadel and its solutions, call (650) 564-4285 or visit the website.
NetCitadel is a registered trademark of NetCitadel in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.