Encode launches security analytics and response orchestration appliances

May 2016 by Emmanuelle Lamandé

Encode is launching standalone software and appliance versions of its Enorasys Platform to complement the recently launched SaaS version and its managed security monitoring solution, offering Cyber Early Warning and Adaptive Response to combat advanced persistent threat attacks. Encode is also launching an appliance version of
its SOCStreams Response Orchestration system, which provides advanced Incident
Lifecycle Management by encapsulating and streamlining all core Security
Operations Center (SOC) and Cyber Incident Response Center (CIRT) processes.

Enorasys Security Analytics is designed from the ground up to deliver early
compromise detection by understanding the "attack logic" and exploitation
path of the advanced and determined adversary. This is realised through
"focused" Big Data Security Analytics harnessing powerful machine-learning
techniques and encapsulated offensive and defensive expertise.

The platform employs a combination of Pattern recognition (supervised
machine learning) with user and network node activity Profiling
(unsupervised machine learning) and correlation with
external/environment-specific Context data. In this way, the canned
analytics modules are able to use the right tool for the job for each use
case and corresponding monitored activity.

In addition, Enorasys Security Analytics provides advanced visualisation of
risk scores and threat activity, along with a complete toolbox for intuitive investigation of suspicious activity. The system can feed existing
SIEM systems with alerts on high-risk activity, and the analyst interface
can be invoked through SIEM consoles for further investigation and
analysis.

SOCStreams in combination with its Adaptive Threat Response (ATR) engine
takes the Incident Response process one step further, by providing SOC/CIRT
analysts with a central focal point, the integration and the tools required
to orchestrate response, ranging from security alert handling to targeted
investigation and response. Furthermore, SOCStreams can constitute the main
interface for both SOC service users and SOC personnel alike, where all
service-related communications and management activities are performed
and/or tracked.

