Cyphort debuts the Anti-SIEM

First open demonstration of an advanced security analytics, advanced threat defense and auto-mitigation platform that sharply reduces the time, cost and complexity challenges associated with legacy SIEM solutions.

Cyphort unveils the Anti-SIEM at Infosecurity Europe. The powerful new class of security analytics platform empowers enterprise security teams with the prioritized, actionable intelligence required for fast, interactive threat investigation and response to advanced threats. Cyphort will demonstrate the new platform at booth H175 at Infosecurity Europe, Olympia London, UK, June 6-8, 2017, and will also analyze "The Seven Secret Sins of SIEMS" at the Infosecurity Europe Cyber Innovation Showcase on June 8, 2017 at 10 am.
"The introduction of the Anti-SIEM is welcome news," said Vladislav Ryaboy, Director of GSOC, Crawford & Company, the world's largest publicly listed independent provider of claims management solutions. "Not just for the threat detection and security value, but also the productivity gains that the analytics engine will provide us. This will definitely reduce the noise level for our security team, and make them a lot happier."
The Anti-SIEM is a distributed software platform that starts with a focus on threat detection, by ingesting raw data from web, email, and lateral spread traffic, as well as log and event data from a variety of other security tools in the network.
In as little as 15 seconds:
 
  • All information is fed into its analytics engine, which uses machine learning and behavioral analysis technologies to first identify advanced threats;
  • All related alerts and log events from other sources are then correlated, and user/host identity information is added; and
  • A consolidated timeline view of the entire security incident is presented, showing the threat and all related events over time, as well as progression through the cyber kill chain.
Its scalable architecture allows organizations to store threat, log, and event data for months or years, and thus easily adjust the timeline view of user/host-based security incidents. The platform offers incident response teams "one-touch" auto-mitigation capabilities. For example, it can automatically create and publish new rules and policies so that in-line devices can block similar threats in the future.
"The Anti-SIEM was actually developed by security professionals. Nearly 1,000 SIEM users in large organizations across the US contributed insight to our R&D," said Franklyn Jones, CMO at Cyphort. "We like to say it's everything users want in a SIEM -- and less. That's because SIEM users have been pleading for a solution entailing less cost, less noise and potential for false positives, less complexity, and above all, much less wasted time -- and that's what we debut today."
Research conducted with the Ponemon Institute, Osterman Research, and InterQ Research revealed specific problem areas where SIEM time, cost, and complexity issues were negatively impacting the productivity of security analysts and incident response teams. The research also provided deep, actionable insight into specific areas where Cyphort technology could be extended to enable far greater security team productivity, accelerate event response, and save significantly on costs.
"We examined many of the specific manual tasks required by Tier 1 and Tier 2 responders, whose workdays usually begin with data generated by the SIEM," explained Frank Jas, CTO of Cyphort. "A new level of understanding of their processes and workflows informed our creation of analytics and UI features within the Anti-SIEM that minimize the need for the manual, time-consuming steps that now monopolize security teams' days."
The Anti-SIEM delivers "less" of what customers don't want:
 
  • Less cost: including lower licensing and deployment costs, and measurably higher productivity gains through its analytics engine to automate event processing capabilities. Savings can easily exceed $100,000 annually.
  • Less noise: Relevant alerts, logs, and event data are now automatically analyzed and consolidated into a single security incident, thus significantly reducing the noise from distracting alerts.
  • Less complexity: Research revealed that most SIEM deployments require 3 months or more before customers get the value they want. The Anti-SIEM minimizes deployment complexity and reduces time-to-value to just a few days, sometimes even hours.
  • Less wasted time: By automating the proactive detection, analysis, and consolidation of information related to advanced threats, security teams waste far less time on low-level tasks and can focus on priorities for the organization.
"Managing incident response and threat mitigation is difficult and time-consuming," said Michael Osterman, Principal Analyst of Osterman Research. "The Anti-SIEM promises to significantly alter the security management landscape by improving the speed and efficiency of threat detection and response, while simultaneously lowering the costs of these critical processes."
The Anti-SIEM can be deployed with an existing SIEM to improve productivity and strengthen security, or in place of a SIEM for organizations that want the benefits of a SIEM without the drawbacks. The Anti-SIEM solution and its components can be purchased as a 1- or 3-year software license. Specific pricing depends on customer deployment requirements.