High-speed Solutions

The WildPackets Network Analysis and Monitoring Blog covers enterprise networking news from recent standards, such as 802.11n, and upcoming technologies, such as 100G, to pressing everyday issues around wireless, VoIP, security, and network performance management.

Automation is the key to better enterprise security

Our Director of Products, Jay Botelho, believes in the importance of automating aspects of network data collection to help security analysts find and resolve issues faster. He discusses this in more detail in an ITProPortal (UK) article.

You can find the full article here, but here’s an excerpt:

People are no longer surprised by data breaches. Many breaches are perpetrated by malicious actors. Others are the result of lapses in internal security protocols. The one common thread today is that every organization, whether it is a retailer, a healthcare provider, a financial institution or a government agency, is becoming more dependent on the network and its data. The traffic flowing across the network is what keeps the organization in business, so the data has enormous intrinsic value to the enterprise. Although breaches at companies like Yahoo have garnered a lot of attention recently, the sophisticated and automated tools used by hackers put every company, regardless of size, at serious risk of being hacked.

A primary reason for this weakness is that the volume of alerts has become so overwhelming that security teams typically only have the bandwidth to investigate a small percentage of the highest priority alerts each day. It’s very easy to find the bottleneck in this process; current security solutions typically require a disjointed, multi-step process that forces security analysts to manually correlate aggregated data from alerts with the corresponding network logs or traffic. Picture multiple screens and a lot of manual cross-checking, which is certainly not ideal when time is such a valuable commodity.

The key to improving security alert fatigue is automation.

The security industry sorely needs automated tools and processes that work in the background to collect suspicious network traffic, making it readily available to analysts whenever needed. By centralizing and automating much of this process, analysts have much more time to investigate alerts each day, which in turn greatly increases the likelihood that they will find and limit the impact of a breach.

 


Jay Botelho, Director of Products at Savvius


Savvius Omnipeek Earns 2017 “Most Innovative Forensics Solution”

We have some exciting news from last week’s RSA Conference. Cyber Defense Magazine (CDM), a leading InfoSec publication, announced that Savvius Omnipeek beat out a host of rival products to be named the Most Innovative Forensics Solution of 2017.

Describing the significance of this award, the Editor-in-Chief of Cyber Defense Magazine, Pierluigi Paganini, said, “We’re thrilled to recognize next-generation innovation in the information security marketplace and that’s why Savvius has earned this award from Cyber Defense Magazine. Some of the best InfoSec defenses come from these kinds of forward thinking players who think outside of the box.”

Omnipeek, which has an established reputation as a best-in-class network analytics and performance diagnostics solution, dramatically streamlines the process for both network troubleshooting and security investigations. Omnipeek now gives users the ability to manage packet analysis through a single, streamlined user interface that includes security alerts from popular open-source IDS platforms such as Snort and Suricata. By highlighting packet data corresponding to these alerts, Omnipeek provides immediate, detailed analysis of suspected breaches. Omnipeek is also able to open multiple large capture files simultaneously by filtering the packet files before they are loaded and analyzed. This greatly reduces file size and helps to speed up response times.

Julie Criscenti Heck, the Head of Marketing at Savvius, was on hand at Savvius’ RSA booth to receive the award, and said, “We’re seeing significant interest in network forensics as an effective source of truth in security investigations. Savvius is honored to have Omnipeek recognized with an InfoSec Award from this well-respected publication.”

For a no-obligation 30-day trial of Omnipeek, go to: https://www.savvius.com/distributed_network_analysis_suite_trial
