Security Analytics Platform
Security Analytics Platform
Analyze. Actualize. To combat today’s sophisticated network attacks, you need a deeper understanding of everything that’s happening on your networks—all the activities, applications, and personas. And that requires more than data, analysis, and the latest signature-based preventative security tools.
The Security Analytics Platform acts as a camera on the network, providing clear, actionable intelligence about security threats to applications, files, and web content. With this retrospective look at traffic on the network, you can quickly identify the advanced and targeted attacks that slip past traditional prevention-based security tools.
The Security Analytics Platform delivers:
- Situational Awareness: Protect against—and respond to—advanced persistent threats and attacks that fly under the radar of traditional security tools with a complete and forensically sound record of network activity that provides context, inferential analysis, and event correlation/trending.
- Incident Response and Resolution: Go back in time to identify the root cause of an infection or compromise and reduce time-to-resolution by automatically reconstructing a timeline of suspect web sessions, emails, and chat conversations.
- Automated Alerts and Workflows: Instantly respond to security events with trigger-based notifications of targeted events, unknown applications on the network, or encrypted traffic on non-standard encrypted ports. Save time with automated tasks, such as checking for traffic against a list of known bad sites.
- Continuous Advanced Malware Detection: Mitigate risks before they can be exploited and/or cause harm by replaying network traffic against updated firewall, IDS, or IPS signatures to catch prior intrusions. Continuously monitor the network to verify that previously eradicated malware is no longer present.
The Security Analytics Platform is easily deployed anywhere within the network—either as a pre-configured appliance, a virtual appliance, or software on your own hardware. Designed to meet the grueling demands of the largest government and enterprise networks, the patented architecture captures network data at speeds up to 10 Gbps with full fidelity.
The platform features an extensible architecture that hosts the Blue Coat ThreatBLADES that exist today, and those in the future. You can customize the platform with Custom Analytics BLADES that use configurable logic to detect specific types of security threats.
With a powerful API, the Security Analytics Platform integrates with best-of-breed network security technologies, so your security tools can work in concert—sharing data, creating insights, and empowering the team to identify and address security issues quickly and thoroughly.