Core Security Improves Network Visibility, Simplifies Investigations
Core Network Insight Now Includes Retroactive Analysis, Two New Behavior Profilers
ATLANTA, July 20, 2017 /PRNewswire/ -- Core Security®, a leader in Vulnerability, Access Risk Management and Network Detection and Response, today announced the availability of Core Network Insight 6.3. The new offering includes enhancements like Retroactive Analysis, which allows users to "look back in time" at metadata from before a device started to act suspiciously, and new behavior profilers.
Core Network Insight is an advanced threat detection system built on nearly a decade of scientific research and big data visibility. It automatically and accurately identifies hidden infections in real time on live traffic. When Core Network Insight confirms a device is infected by advanced persistent threats or malware, it terminates criminal communications and presents a full case of evidence, prioritized by risk – thus, no more chasing False Positives.
"Organizations are constantly looking for better, correlated data to help them conduct more thorough investigations into incidents to protect from data breaches," said Stephen Newman, SVP of Product Management at Core Security. "Our new retroactive analysis capability provides more historic context, helping to speed along these investigations. In addition, the addition of the transaction and contextual profilers continue to make Core Network Insight the most robust solution for detecting the myriad of ways and patterns that criminal operators use once they have penetrated a network."
New features in Core Network Insight 6.3 include:
- Enabling Hunting of Network Communication Data:
- Retroactive Analysis - Network Insight 6.3 now stores metadata on all observed internet bound communications, enabling the retroactive discovery of command and control communications that occurred days prior to knowledge of the destinations being malicious. This allows administrators to search stored historical network communication metadata for investigations.
- New API Support – Allows users to interact with the product and pull data via RESTful API.
- Driving Innovation Into Advanced Threat Detection:
- New Transaction Profiler – Detection technique that detects malicious traffic using packet payload analytics.
- New Contextual Profiler – Detection technique that identifies related domain sets used by malware to communicate to peripheral (non-C&C, human usable) legitimate domains.
- DNS Tunneling and TOR Detection- Enhanced DNS tunneling and TOR Profilers are included as events in SIEM outputs from Network Insight and in the evidence timeline.
- New Deployment Options: Virtual Sensor –Ideal for remote locations and branch office deployments.
To learn more about Core Network Insight 6.3, please contact us at [email protected] or better yet if you are going to Black Hat, stop by our booth #224.
About Core Security Corporation
Core Security provides companies with the security insight they need to know who, how, and what is vulnerable in their organization. The company's threat-aware, identity & access, network security, and vulnerability management solutions provide actionable insight and context needed to manage security risks across the enterprise. This shared insight gives customers a comprehensive view of their security posture to make better security remediation decisions. Better insight allows organizations to prioritize their efforts to protect critical assets, take action sooner to mitigate access risk, and react faster if a breach does occur.
Core Security is headquartered in the USA with offices and operations in South America, Europe, Middle East and Asia. To learn more, contact Core Security at (678) 304-4500 or [email protected]
Media Contact
Kari Walker
ZAG Communications for Core Security
+1.703.928.9996
[email protected]
SOURCE Core Security
Related Links
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article