The latest version of Gigamon ThreatINSIGHT, a cloud-native network detection and response (NDR) solution, comes with a series of threat detection and management features that would help take an organization’s security posture to a new level.
Gigamon ThreatINSIGHT uses Machine Learning (ML) and Gigamon Applied Threat Research (ATR) techniques to reduce investigation and response time.
“As the cyberthreat landscape continues to evolve, ThreatINSIGHT has an advantage as a cloud-native, high-velocity network visibility, threat detection and response solution,” said Chris Kissel, IDC Research Director, Worldwide Security & Trust Products.
“With the complete visibility into network traffic only Gigamon can offer, they are now providing the mission-critical data needed to not only monitor and analyze, but also to act on malicious activity that can quickly cripple an organization.”
New features in this latest version of Gigamon ThreatINSIGHT would include:
- ML-based automated behavior profiling curated by ATR provides best-in-class detection capabilities.
- Ability to identify and curate clusters of network events, allowing incident responders to quickly identify impending threats.
- OmniSearch provides rapid contextual correlation of events to significantly reduce investigation time.
- Power to leverage the Gigamon INSIGHT Cloud Data Warehouse, which delivers access to all current and historical network activity metadata needed for comprehensive forensics and investigative efforts.
“Time is everything for threat response and responders,” said Josh Carlson, Vice President and INSIGHT General Manager, Gigamon. “With that principle in mind, we have enhanced ThreatINSIGHT with a series of detection and management features that takes an organization’s security posture to a new level, allowing our customers to focus on threat hunting and resolution, not maintaining their threat-hunting infrastructure.”
ThreatINSIGHT was built on ICEBRG, a cybersecurity vendor acquired by Gigamon in 2018. The solution provides advanced capabilities that a responder would need for modern threats: “quality detections and a panoramic view into everything that a threat actor has done within their network, without the need to sift through logs or bounce between multiple disjointed tools.”