Norse today introduced a new version of its groundbreaking DarkWatch™ attack intelligence appliance with expanded capabilities which now actively monitor inbound and outbound network traffic on all ports to guard against a much broader range of enterprise attack vectors.
Norse tutvustas täna uut versiooni oma murrangulisest DarkWatchist ™ rünnaku luure seadeldis, millel on laiendatud võimed, mis nüüd aktiivselt jälgib sissetulevaid ja väljaminevaid võrguliiklusi kus kõik pordid kaitsevad palju suurema hulga ettevõtete rünnakusuundi.
“We have taken the industry’s best solution for preemptively detecting and blocking advanced attacks and made it even better, with significant security, performance and ease-of-use improvements,” said Tommy Stiansen, CTO and co-founder of Norse.
“Since the introduction of DarkWatch last July, early customers have gained a greater understanding of its full potential, and we have worked closely with them in developing these enhancements.”
The popular Norse Live Attack Map is now built in, giving security operations centers real-time visual feedback on Internet attack “weather” hitting facilities nearby and around the globe and gives security operations center staff detailed, real-time visibility into threats traversing networks around the world.
While the free version of the map is already popular as a live threat dashboard among security professionals, the premium version in DarkWatch focuses on an organization’s own network traffic, highlighting the risks and attacks in process – in context and in real time – giving SOC first-responders the information they need to act faster and more effectively.
This new DarkWatch release monitors all outbound and inbound network ports, allowing it to play a bigger role in “supercharging” a customer’s existing firewall, intrusion protection system, and SIEM security infrastructure.
By alerting these security devices to a far greater range of high-risk inbound traffic using dynamic risk scores in context delivered in real time, DarkWatch acts as an “ROI multiplier” across the entire security department.
This enables security professionals to respond faster and more effectively to their “unknown unknowns.” DarkWatch guards the enterprise against a broad range of advanced attacks, including inbound (return) high port hijackings and other new attacks not addressed by existing equipment.
“As security breaches continue to make the headlines, it is becoming clear that enterprises need all the knowledge they can get to fight off diverse attacks,” said Wendy Nather, research director of the Information Security practice at 451 Research.
“In order to be useful, threat intelligence needs to be as complete and relevant as possible. Offerings such as Norse’s DarkWatch appliance are growing in popularity as organizations build their defense portfolios.”
The DarkWatch attack intelligence appliance brings all of Norse’s unique intelligence-gathering and analysis capabilities to the enterprise doorstep. It uses an advanced artificial intelligence engine that distills second-by-second updates on thousands of risk factors on hundreds of millions of IP addresses, domains, URLs and devices to deliver a single, actionable risk score with detailed context for any address of interest.
The DarkWatch appliance protects organizations from the new, fast-growing class of “grey” threats, such as those from cloud vectors and compromised embedded devices, and stops enterprise data theft via Tor and anonymous proxies.
With DarkWatch protection, enterprises can automatically log malicious activity, generate alerts and preemptively block IP addresses based on up-to-the-second DarkWatch risk telemetry delivered live from Norse.
Availability
The new DarkWatch attack intelligence appliance is available now from Norse as a software virtual machine or a rack-mounted 1U hardware appliance. To order, or for a demonstration or quote, email sales@norse-corp.com.
The DarkWatch appliance readily integrates with an organization’s existing security infrastructure via a RESTful API. Alternatively, the DarkWatch appliance can be deployed in-line in “front” to offload existing devices or “in back” to catch malicious traffic that other devices miss.
Installation and setup are even easier than before, enabling the DarkWatch appliance to be up and running in less than 30 minutes.
Norse Live Attack Map
source : dddd
0 comments:
Post a Comment