Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/27/2012
05:20 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Critical Watch Launches Security Analytics Technology

Active Countermeasure Intelligence unifies and automates security management

SAN FRANCISCO, Feb. 27, 2012 /PRNewswire/ -- Today at the RSA' Conference 2012 in San Francisco, California, Critical Watch launched their next generation security analytics technology called Active Countermeasure Intelligence (ACI). The first and only solution of its kind, ACI unifies the elements of risks, articulates the attributes of those risks, and intelligently maps them to the most effective countermeasures to enable action. With a foundation built on big data and leveraging the latest in flexible web services architecture it fuses innovative risk analytics with intelligent automation to deliver true enterprise security intelligence.

ACI is a patent-pending platform that consists of a Countermeasure Intelligence Engine(TM) (CIE) to deliver powerful Recommendation Analytics based on various risk-to-countermeasure taxonomies. The CIE is fed risk information from a series of Risk Collection Agents that extract data from input sources in an enterprise environment like network scanners, SAST/ DAST tools and malware detection solutions. Countermeasure Control Agents put the Recommendation Analytics into action by orchestrating automated policy workflows that perform the desired mitigation tasks on countermeasure devices.

Countermeasure Intelligence modules present Insight Views by risk and by solution. These Views enable users to construct and model risk scenarios based on a series of parameters then compare them to the countermeasures installed in their environment as well as view applicable countermeasures they may not own. They also can predict how changing countermeasure settings or installing new countermeasures will affect their overall risk posture. ACI Visualization Maps provide a synthesized view of which countermeasures will have the greatest impact on reducing risk. They can be applied globally or to a defined subset of risk and threat parameters. The result of these capabilities is to transform disparate, siloed data into a synthesized understanding of risk and enable a coordinated, automated response.

"We're at a point in the security industry where we have to start turning data into real insight that enables confident action. Too often security teams are forced to act with imperfect or even incorrect information. This only results in error, inefficiency and higher costs to manage risk. ACI is a true enterprise intelligence platform that will answer the need for unified, more automated security management," said David Laizerovich, CEO of Critical Watch.

Critical Watch's ACI technology is a flexible software platform designed to be integrated into leading SIEM, ITGRC and protection device platforms to deliver next generation risk management capability to solution providers.

About Critical Watch

Critical Watch is the innovator of Active Countermeasure Intelligence – next generation information security that combines comprehensive risk intelligence with active mitigation. Its power is in the ability to converge a higher level understanding of risk across the information stack and immediately initiate mitigation on the appropriate countermeasure solutions as a unified, defense-in-depth action plan. Critical Watch clients are Global 2000 enterprises across verticals such as healthcare, financial services, state and local government, ecommerce and manufacturing. ACI enables organizations to:

Unify the elements of risk Understand the unique attributes of risks Intelligently map those risks to the most effective countermeasures to enable action

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21392
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addre...
CVE-2021-21393
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-29429
PUBLISHED: 2021-04-12
In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded in...
CVE-2021-21394
PUBLISHED: 2021-04-12
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identif...
CVE-2021-22497
PUBLISHED: 2021-04-12
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.