Context-driven threat intelligence and security operations solution provides overarching enterprise-wide cyberthreat management control
Unified operations portal, contextual intelligence and multi-layered defense combine to set new standard for security operations effectiveness and defending against known and unknown threats at each stage of the attack kill chain
SAN FRANCISCO, April 20, 2015 (GLOBE NEWSWIRE) -- RSA CONFERENCE 2015 -- Today Europe's cybersecurity leader Fox-IT launched its Cyberthreat Management Platform, a next-generation context-driven, threat intelligence and security operations solution. Breaking ground on many levels, it sets a new standard for managing and mitigating cyber risks, even those posed by as yet unknown actors, attack vectors and methods. The new platform will be available in the U.S., Europe, Middle East and Africa regions.
"Most security products are still dependent on elementary indicators of compromise information and are not designed to facilitate in-depth security analytics, which is why they have a hard time detecting and stopping APTs and constantly evolving threats," said Menno van der Marel, CEO and co-founder of Fox-IT. "We developed this platform specifically to find and analyze the unknown threats that will lead to the next big breach, not the last one, and drastically cut down on the time until new threats are known, understood and stopped."
The Fox-IT solution was developed directly from the company's 15 years' experience as a leader in security research and cyber incident response. It incorporates the same proprietary technology, workflows and intelligence its team of 200-plus security specialists use in cyberthreat management operations for governments, critical infrastructures and global enterprises.
Broad in scope, the Cyberthreat Management Platform is a suite of solutions, integration tools and expert services designed to provide unified, overarching control of an organization's entire cyberthreat management operations. It builds on and extends the Fox-IT family of industry-leading threat intelligence and information security solutions and includes capabilities at every level of cybersecurity operations management:
- Cyberthreat Management Portal: A central tool for cyberthreat management with role-defined views and case handling tools; it provides Security Operations Center analysts and incident response teams with a full workflow-based threat analytics environment while presenting the CISO and C-level with relevant threat and risk information
- Threat Intelligence: Provides context to security events by connecting both applied and contextual intelligence in the platform to see if and how a threat is covered, understand the motives behind an attack and determine the overall risk profile
- Network Module: Detects and mitigates known attacks in real time, enables rapid detection of and response to new threats, and retains forensic data for retroactive investigation
- Endpoint Module: Employs a signature-less approach that enables the detection, mitigation and investigation of both known and unknown threats to strongly protect endpoints and servers
- Adaptive Defense Module: A decoy network of endpoints and servers to help discover anomalies and detect targeted attacks using as yet unknown attack vectors or methods, instantaneously triggering investigations and intelligence gathering
- SIEM Integration Log Module: Integrates with any existing SIEM technology through the open common event format standard to provide context and prioritization to security events.
In operation, the Cyberthreat Management Platform significantly strengthens operational capabilities in four critical areas—intelligence, prevention, detection and response— that address not merely known threats but also unknown threats. The result is a continuous process of advanced cybersecurity operations characterized by:
- Contextual intelligence drawn from internal data from IT security products, external feeds, and Fox-IT's own extensive threat intelligence provides context to security events to understand the motives behind an attack and determine the overall risk profile
- Multi-layered, continuously monitored threat prevention, detection and response architecture that provides visibility at each stage of the attack kill chain to increase the odds of early threat detection and remediation, especially for previously unknown threats
- Maximized productivity of scarce security incident response experts; priorities and real threats are made clear as existing rules and real-time event correlation make fast decisions that drive automated responses to filter noise, handle false positives and mitigate low-level threats
- Faster threat response that limits the attacker's free time inside the system and minimizes damage
Fox-IT delivers the Cyberthreat Management Platform on a fully managed, hybrid or a stand-alone basis.
When delivered as a managed security service, Fox-IT provides an instant-on, global, 24/7 Security Operations Center staffed with highly skilled security experts.
Organizations that want to be self-sufficient but need help getting started can use the hybrid service delivery option to create an easy path for knowledge transfer to prepare their teams to gradually take over Security Operations Center operations.
The platform and any of its modules are also available as stand-alone components.
Fox-IT anticipates and solves the world's cybersecurity challenges, achieved through a strong focus on innovation and a tireless dedication to our clients, our values and our integrity.
CONTACT: Media Contact: Deb Montner Montner Tech PR email@example.com 203.226.9290