The evolution and adoption of end-point encryption over the last several years has created a major challenge for security. Most edge security approaches rely on deep-packet inspection — something that is no longer possible when those packets are encrypted.
At the same time, the proliferation of IoT and smart devices has resulted in an exponential growth in edge connections, significantly expanding the vulnerability footprint. This growth has led to increased security needs and information overload, leaving most organizations scrambling to respond.
Observable Networks uses an approach they call ‘end-point modeling’ to help organizations cut through the noise of alert storms and identify anomalous behavior regardless of packet encryption. Collecting the metadata that defines the communication between end-points, they develop a model of each device’s normal network activity.
Because they don’t rely on agents, they can apply their modeling technique to every edge device in your environment. The product is delivered as a software appliance and as a subscription service, so organizations can begin realizing value and finding clarity very quickly. According to Observable Networks, their customers presently rate 90% of the alerts their system provides as ‘helpful’, which they say is proof that their device modeling approach eliminates alert noise at the source.
Copyright © Intellyx LLC. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers.