Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

11/19/2013
08:06 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NetCitadel Rolls Out Real-Time Threat Management Platform

NetCitadel ThreatOptics integrates with existing security enforcement devices, such as firewalls and Web proxies

MOUNTAIN VIEW, Calif. -- Nov. 19, 2013 -- NetCitadel, Inc., the pioneer in innovative threat management solutions, today announced the general availability of NetCitadel ThreatOptics &trade, the industry's first solution that applies context and intelligence to detected security events and dramatically reduces incident response times to Advanced Persistent Threats (APTs) and malware attacks.

The evolving complexity and increased frequency of malware and APTs have driven the need for next-generation Advanced Malware Detection (AMD) solutions and Security Information and Event Management (SIEM). While effective, these detection tools generate unmanageable volumes of security alerts, and make it difficult for Incident Response teams to verify, prioritize, and respond to the most urgent threats in a timely and effective manner. Traditional response processes are manual, time-consuming and error-prone, thus leaving organizations exposed. This, combined with the ongoing shortage of skilled cyber security resources, necessitates a new, more automated approach to incident response.

Now, by closing the gap between detection and response, NetCitadel ThreatOptics transforms traditionally rigid workflow and manual response capabilities into dynamic defenses capable of automatically responding to malicious attacks in real-time.

"As the law firm for ground-breaking technology and life sciences companies, Fenwick is heavily invested in making sure our infrastructure is secure," said Kevin Moore, Director of Information Technology at Fenwick & West LLP. "We recognize that a proper security posture is not just about detection, it also includes an effective analysis and response capability. NetCitadel ThreatOptics provides our security team with rich context data for efficient security response that is critical to our ongoing mission to keep our networks, servers, and end points secure."

NetCitadel ThreatOptics is the first threat management platform of its kind, addressing the security analysis and intelligence needs of today's Incident Response teams. NetCitadel's analytics-driven approach uniquely adds rich context data to security events generated by devices such as FireEye®, Palo Alto Networks®, and HP ArcSight®, and analyzes the data to facilitate rapid and intelligent decisions. In addition, ThreatOptics integrates with existing security enforcement devices, such as firewalls and web proxies, to deliver real-time responses to security events.

According to Gartner, Inc., "Security buyers that add these new detection methods will quickly find that the event of detecting malware or a compromised system itself is not deterministic for reporting on the impact of the attack. Other factors are needed to better handle the workload of new events in terms of company impact. For example, the systems and users involved, the sensitivity of the data in play, what external parties are involved, and situational attack visualization become key to quickly and accurately prioritizing events in which to dispatch investigation teams."1

Without the proper context, it is almost impossible to prioritize events and make good security decisions. The proper context in an integrated view, however, enables security analysts to quickly verify which issues are real and which issues can safely be deprioritized.

"NetCitadel ThreatOptics solves the industry's security alert overload problem by automatically surrounding alerts with meaningful context," said Mike Horn, NetCitadel co-founder and CEO. "We're pleased to help security analysts and Incident Response teams demonstrably increase their security responsiveness while leveraging existing security resources. By lowering the cost of exposure and increasing security, NetCitadel frees up more IT staffers to engage and positively impact other security priorities in the organization."

NetCitadel ThreatOptics dynamically updates existing security devices to respond instantly to security events as they are detected. With NetCitadel, once a security event has been detected anywhere in the network, subsequent attempts to connect to the source of the infection will be blocked across the entire network proactively, eliminating widespread outbreaks of the same security threat.

About NetCitadel ThreatOptics

NetCitadel ThreatOptics leverages intelligent threat event context and patent-pending security orchestration technologies to deliver real-time responses to security events. Rich sources of security information, from systems such as Security Information and Event Management (SIEM), Advanced Malware Detection (AMD) and Intrusion Detection Systems (IDS) are seamlessly integrated to work with existing security devices, such as firewalls and web proxies. Deployed as a virtual appliance, ThreatOptics leverages security event information and, based on the information in the security event, updates existing security devices to react to those security events in real-time. By using ThreatOptics, organizations can dramatically reduce the time it takes to respond to an identified security event by enabling either a fully automated or semi-automated response. ThreatOptics uses proprietary security intelligence algorithms to help enterprises determine the severity of a security event as well as the appropriate response to that event.

Availability and Pricing

NetCitadel ThreatOptics will be generally available next month from NetCitadel as a virtual appliance. Pricing begins at approximately $50,000 and goes up based on the number of users and the size of the security infrastructure. More information on pricing and purchasing information can be found at www.netcitadel.com.

NOTE 1 – Gartner, "Advanced Targeted Attacks Influence Security Spending and Create Partnering or Acquisition Opportunities," by Eric Ahlm and Lawrence Orans, Sept. 26, 2013.

About NetCitadel

NetCitadel is the pioneer in innovative security threat management. Recognizing the dramatic growth in cyber-attacks and the increase in targeted attacks using Advanced Persistent Threats (APTs), the company identified the need to operationalize the overwhelming volume of security data. Its threat management platform, ThreatOptics, leverages patent-pending technology to link existing network security devices with real-time security event information, resulting in an infrastructure capable of adapting to new threats instantly. Headquartered in Mountain View, Calif., the company is venture backed by NEA and other investors. For more information about NetCitadel and its solutions, call (650) 564-4285 or visit http://www.netcitadel.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5641
PUBLISHED: 2020-11-24
Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors.
CVE-2020-5674
PUBLISHED: 2020-11-24
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2020-29002
PUBLISHED: 2020-11-24
includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.
CVE-2020-29003
PUBLISHED: 2020-11-24
The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
CVE-2020-26890
PUBLISHED: 2020-11-24
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the r...