By Michael Vaughn
NetworkWorld’s Charles Araujo phrased the issue quite well in an article last week:
Organizations must also rationalize security data in a business context and manage it holistically as part of the overall IT and business operating model. A group of vendors is also attempting to tackle this challenge…
Forbes writer, Jason Bloomberg, said it best when he recently described the future of enterprise security software and how all signs point toward Ziften leading the way:
Perhaps the broadest disruption: vendors are improving their ability to understand how bad actors behave, and can thus take steps to prevent, detect or mitigate their malicious activities. In particular, today’s vendors understand the ‘Cyber Kill Chain’ – the steps a skilled, patient hacker (known in the biz as an advanced persistent threat, or APT) will take to achieve his or her nefarious goals.
The product of U.S. Defense contractor Lockheed Martin, The Cyber Kill Chain contains seven links: reconnaissance, weaponization, delivery, exploitation, installation, establishing command and control, and actions on objectives.
Today’s more innovative vendors target one or more of these links, with the goal of preventing, discovering or mitigating the attack. Five vendors at RSA stood out in this category.
Ziften offers an agent-based approach to tracking the behavior of users, devices, applications, and network elements, both in real-time as well as across historical data. In real-time, analysts use Ziften for threat identification and prevention, while they use the historical data to uncover steps in the kill chain for mitigation and forensic purposes.
Read the entire article at https://ziften.com/rsa-2017-recap-no-more-one-size-fits-all-solutions/