In the beginning, networks and the Internet writ large were designed with the notion of intrinsic security based on a perimeter wherein a person, application or third party was verified and subsequently granted an all-inclusive ‘trusted’ status. Suffice it to say, this approach has resulted in damages and incalculable losses on a global scale. Trust placed on verification at only a few points of access has proven to be lacking. To put it mildly, according to the Cloud Security Alliance in their Software-Defined Perimeter Architecture Guide, “Today’s network security architectures, tools and platforms all fall short of meeting the challenges presented by our current security threats.” With recent (network) technology advances, we are now capable of building continuous verification to enable zero-trust.
Digital transformation and the growing complexity of IT environments present new vulnerabilities that attackers can exploit for reconnaissance, delivering malicious payloads or exfiltrating data. Analyzing live network traffic to expose hidden malicious or anomalous activity and security threats amid that complexity is fundamental to improved detection and response. So much so that Gartner recently published an inaugural market guide for network traffic analysis (NTA) to help organizations understand what to look for (more on that later).
What is network traffic analysis (NTA)?
Network traffic analysis uses network communications and their protocols for detection, identification and analysis of cybersecurity threats and potential operational issues. As you’ll read, we propose doing this in real time, with wire-speed network data and analytics, to meet the demands of digital business and to gain an edge on reducing mean time to detect (MTTD) / mean time to respond (MTTR).
Today we announce the publication of our Special Report: Reduce Risk with Real-time Interactive Remediation of Network Traffic. It contains a discussion and explanation of the emerging capabilities of technologies to enable real-time decisions based on live / streaming network traffic data to reduce cybersecurity and operational risk.
The next phase in continuous cyber defense and what it means
An interview with Kim Watson, Technical Director of the Integrated Adaptive Cyber Defense (IACD) initiative at JHU APL
Is it possible to get access to, and process, all the relevant information available to improve cyber defense? The threat landscape continues to evolve: new and ever more sophisticated TTPs (tools, techniques and procedures) are utilized by adversaries, while cybersecurity teams have a new arsenal of AI/ML and orchestration tools that may offer relief for overwhelmed security staff, whose efforts are gaining increased attention from the C-suite.
As technologies advance and enterprise networks expand, administrators accountable for the overall health and performance of infrastructure accumulate more and more responsibility. CIOs are continually analyzing the problem of how to better monitor and secure the activity within their organization’s network.
MantisNet's recently published whitepaper, Solutions for the Next Generation of 5G and IoT Network Deployments, focuses on the enablement of real-time network intelligence, monitoring and analysis at the edge. This topic is very timely as telecommunications carriers are readying their fifth generation, or 5G, network deployments. The promise of higher speeds, lower latency and greater throughput has arrived to deliver improved digital experiences and further enable the continual growth of Internet of Things (IoT) connectivity and interactions.
We had the pleasure of supporting the Software Engineering Institute at Carnegie Mellon University’s conference, FloCon: Using Data to Defend. The presentations and discussions at the event provided validation that changes are coming to network and cyber security. More mathematical solutions are being developed to fuel machine learning and algorithms to combat malicious and other network traffic of interest. If you missed the event, an overview and video of our presentation are below.
MantisNet is a proud sponsor and participant at the upcoming FloCon 2019 conference in New Orleans, January 7-10, 2019.
We were excited to be accepted as a speaker and sponsor for the annual Software Engineering Institute at Carnegie Mellon University’s event. The theme for FloCon 2019 is ‘Using Data to Defend’ and the forum to “explore large-scale, next-generation data analytics in support of security operations” fits squarely within the core mission and vision of MantisNet.
Before we can address the optimum method for responding to the continuously evolving cyber threat landscape, we need to understand the sources and types of data available from which we can understand and make decisions about the health and security of our systems.
The world of cyber security is complex and misunderstood by a majority of the public. Even in IT, few people understand the complexities of a sophisticated cyber attack. It's this lack of understanding and the low number of experts in the field that give cyber attackers an advantage.