Announcing the Arrival of ThreatWatch 5.1
A New Generational Model of Threat Detection
In this new era of threat, we must continuously advance to new generations of technology to stay current with the attackers. Security On-Demand is driving fast and hard to its next generational threat model, Generation 6. This is what drives Security On-Demand’s approach to the capabilities we designed into our version 5.1 release.
New & Enhanced Features include:
The new enhancements to the service will provide new threat detection capabilities using some of the latest cutting-edge machine learning and AI advancements coming out of our R&D labs in Warsaw, Poland.
User & Asset Behavior Analysis. Customers will benefit from the ability to visualize user and asset activity in their environment, allowing them to analyze user and asset activity using a timeline-based visualization toolset that is both interactive and exploratory, including drill-downs into data relationships.
Historical Asset Deviation Machine Learning-based Alerts. This release also includes new technology utilizing artificial intelligence threat detection that both detects advanced threats and makes SOC analysts more efficient at identifying and investigating high-confidence alerts. This in turn reduces false positives and improves time to detection.
IOT Threat Detection. Most IOT devices don’t produce or send logs. Our platform now has the ability to behaviorally monitor and detect threats that are targeted against Internet of Things (IOT) devices.
Network Flow Data Analysis. ThreatWatch now has enhanced abilities to monitor Network Flow data to identify potential insider threat activity, including the correlation of anomalies of over 40 risk-based behaviors.
Client Portal Enhancements. New tools for log and alert summarization, enhanced portal functionality for searching, analysis, and reporting. Also includes new analytics tools for user and asset analysis.
Public Cloud Integrations. ThreatWatch now provides AWS and Azure Public Cloud Integration, delivering visibility into those cloud networks, and more specifically into what activity is occurring that can be correlated with premises-based systems as part of a blended threat management environment.