Trend Micro has introduced advanced analytics capabilities for its network security solution, Deep Discovery.
In addition to detecting and analysing advanced threats on the network, customers will be able to streamline investigation and response with automated analysis and correlation of network events, while maximising organisations’ limited IT security resources.
Organisations today are being squeezed on both sides, by an endemic cybersecurity skills shortage and increasingly determined threat actors, driving a heightened fear of missing new threats. They desperately need a way to simplify and prioritise threat information, accelerating detection and response.
“Nobody likes to be blindsided. Security professionals need to be able to see what is happening across their network and respond quickly when needed. They need to be able to filter the noise so they can focus on critical tasks,” said Eric Skinner, vice president of solution marketing for Trend Micro. “The new network analytics capabilities of Deep Discovery do just that, empowering organisations struggling with skills shortages to keep themselves protected and productive.”
Deep Discovery has enhanced the sharing of advanced threat information, or indicators of compromise (IOCs), by leveraging standards-based formats and transfers (STIX, TAXII, YARA). All compatible security solutions an organisation uses, including the entire Trend Micro product family and third-party products, will have up-to-the-minute threat intelligence. This simplifies IOC management for stretched IT teams.
Network analytics enable security teams to easily look back at historical data in an automated way to determine:
- Who was the first point of compromise
- What other users in the network have been impacted
- Where the threat is calling out to, including Command and Control (C&C) and malicious site redirects
By providing a prioritised view of advanced threat detections, network analytics helps IT security teams automate investigations for quicker action, saving them time and allowing them to focus their limited resources on other activities. In addition, the solution accelerates remediation efforts and even prevents further attacks thanks to information displayed across the attack lifecycle.
Advanced threat sharing and network analytics capabilities for Deep Discovery are now available globally.