Operations

2/24/2020
10:50 AM
Dark Reading
Products and Releases

Securonix Enables Use Case Testing at Full SOC Scale with New Analytics Sandbox Capability

Securonix Unveils Capability to Improve SOC Efficiency and Make SIEM Tuning Better and Faster at Spark 2020 Conference and RSAC 2020

San Francisco, CA – February 24, 2020 – Securonix, Inc., a leader in next-gen SIEM, today announced the launch of the Securonix Analytics Sandbox capability. The new capability provides an isolated test or QA environment within the production setup for security operations teams to test, tune, and validate new use cases prior to pushing them to live production.

Across teams, security operations face a common challenge - testing and deploying use cases without impacting efficiency. The process of fine-tuning use cases and adding team-created content or algorithms to live production environments is time consuming and creates excess “noise” - in the form of unverified alerts, false positives, and violations - for already under-resourced security operations and response teams to handle. With Securonix Analytics Sandbox, the teams responsible for developing SIEM content can test and fine-tune use cases against real production data without impeding SOC efficiency.

Securonix unveiled its industry-first Analytics Sandbox capability at Securonix Spark 2020, the company’s third annual conference, coinciding with RSAC 2020. Spark 2020 focuses on combating multi-cloud threats, with presentations by Sachin Nayyar, CEO of Securonix; Felipe Boucas, Director of Product for Managed Security Services at Verizon; Rohit Gupta, Global Segment Leader for Security at AWS; Anil Markose, SVP at Booz Allen Hamilton; as well as several other industry CISOs and subject matter experts. 

“Security operations teams are in a catch-22 - they must update use cases rapidly to stay ahead of evolving threats, but must do so in a way that does not add false positive noise or require additional response resources for data storage or compute,” said Sachin Nayyar, CEO of Securonix. “Leveraging the elasticity of its cloud-based architecture, Securonix is able to provide customers the Securonix Analytics Sandbox capability that satisfies these needs.”

How Securonix Analytics Sandbox Works
Securonix Analytics Sandbox allows multiple teams - including data scientists, detection engineers, blue teams, and others - to create multiple test beds to test use cases at scale against production data and analyze the impact in isolation. The use cases tested in the sandbox can be tuned, validated, and then pushed to production. Securonix Analytics Sandbox enables users to keep entity risk scores intact until the new use cases are pushed to live production. When a use case is moved from the sandbox to production, testers have three options:

  • Delete violations (risk score) and delete meta-data (behavioral profile)
  • Delete violations (risk score) and keep meta-data (behavioral profile)
  • Keep violations (risk score) and keep meta-data (behavioral profile)

Securonix uses the dynamic resource allocation capability within the AWS cloud platform and the Spark application to allocate resources on-demand for the sandbox environment. This allows Securonix to enable the Analytics Sandbox for its SaaS customers at production scale without impacting performance.

Securonix will be demonstrating the new Analytics Sandbox capability at Spark 2020. To register for Spark 2020, please visit www.securonix.com/securonix-spark/. Demonstrations will also be happening at RSAC 2020, February 24-28 in San Francisco, CA, at booth #527 in the South Hall. 

About Securonix
The Securonix platform delivers positive security outcomes with zero infrastructure to manage. It provides analytics-driven next-generation SIEM, UEBA, and security data lake capabilities as a pure cloud solution, without needing to compromise. To learn more about Securonix, its products and services, visit www.securonix.com or follow us on LinkedIn, Facebook and Twitter.

 
