Author: Cyphort / Source: Information Security Buzz
It’s not a SIEM. But it does address SIEM user dissatisfaction with a software platform that combines advanced threat detection with correlated security analytics, auto mitigation capabilities – and a lot less.
Santa Clara, CA – Cyphort Inc. today unveiled a powerful security analytics platform that empowers enterprise security teams with the prioritized, actionable intelligence required for fast, interactive threat investigation and response to advanced threats. Dubbed the Anti-SIEM, the software solution builds on Cyphort’s expertise in advanced threat detection, then adds a sophisticated, scalable analytics engine that ingests, analyzes, and correlates data from Cyphort collectors and other security tools deployed in the network. Consolidated results are presented, along with identity information, as an adjustable timeline view of the complete security incident.
“The Anti-SIEM is the result of extensive research that Cyphort conducted with nearly 1,000 SIEM users from large organizations across the US,” said Manoj Leelanivas, CEO and president at Cyphort. “We’ve used these insights to create the Anti-SIEM. It’s everything users want in a SIEM – and less. Meaning, less cost, noise, complexity, and wasted time.”
The multi-pronged research project – conducted over several months by Cyphort in cooperation with the Ponemon Institute, Osterman Research, and InterQ Research – revealed specific problem areas where SIEM time, cost, and complexity issues were negatively impacting the productivity of security analysts and incident response teams. The research also provided insight into specific areas where Cyphort technology could be employed, optimized, and extended to restore productivity, accelerate response, and save money in the process.
“The research revealed many of the specific manual tasks required by Tier 1 and Tier 2 responders, who typically begin their work with data generated by the SIEM,” explained Frank Jas, CTO of Cyphort. “Understanding their processes and workflows enabled us to develop additional analytics and UI features within the Anti-SIEM to minimize the need for many manual, time-consuming steps.”
The Anti-SIEM is a distributed software platform that begins with a focus on threat detection, by ingesting raw data from web, email, and lateral spread traffic, as well as log and event data from a variety of other security tools in the network. All information is fed into its analytics engine, which uses machine learning and behavioral analysis technologies to…