SAN JOSE, Kalifornija, 9. avgust 2022 - Čipke, the data-driven cloud security company, today announced new capabilities that enable organizations to uncover more critical threats to their infrastructure and empower teams to collaborate more efficiently in alert investigation and response. Lacework has added fully automated time series modeling to the existing anomaly detection capabilities of the Polygraph Data Platform. Using automated learning and behavioral analytics, the time series model builds a baseline of the volume and frequency of activity within a customer’s environment and actively monitors for spikes that deviate from that unique baseline to detect potential threats such as cryptominer attacks and compromised accounts with accuracy. Organizations can also proactively discover increased cloud usage due to misconfigurations — gaining a better understanding of their environment to help control costs. Lacework does this without the need for constant tuning of thresholds, significantly reducing both manual work and false-positive alerts. Lacework has also upgraded its alerting experience with features that empower teams to collaborate more efficiently in alert investigation and response.
The enormous amount of activity in the cloud and adoption of new technology makes it difficult to gain visibility into risks, investigate alerts efficiently, and take action, especially when teams are siloed into different workstreams and tools. Signature and rules-based approaches can’t keep pace with this dynamic environment and often overwhelm security teams with thousands of contextless alerts across a range of environments.
Polygraph, mehanizem za vedenjsko analitiko v oblaku Lacework, uporablja na desetine modelov za izgradnjo osnovne linije običajnega vedenja v oblaku. Model časovnih vrst uvaja novo razsežnost analize s sledenjem spremembam pogostosti in obsega dejavnosti skozi čas v okolju oblaka. Deluje z obstoječimi modeli, da odkrije več anomalij z manj opozorili.
Lacework prav tako samodejno prilagaja resnost opozoril na podlagi nenehnega učenja in natančnega razumevanja, koliko opazovano vedenje odstopa od predvidenega izhodišča za izboljšano natančnost. Po navedbah Podjetja za kibernetsko varnost, se je število nezasedenih delovnih mest na področju kibernetske varnosti po vsem svetu med letoma 350 in 2013 povečalo za 2021 %, brez znakov olajšanja v naslednjih petih letih. S konsolidacijo opozoril samo v tista, ki so pomembna, in zagotavljanjem varnostnim ekipam več konteksta o tem, kaj se dogaja v njihovem okolju, Lacework tem preobremenjenim ekipam omogoča, da odkrijejo več tveganj in se z njimi učinkoviteje spopadejo.
“It’s critical organizations get transparency as to what is happening across their multicloud environments, but security teams face a massive challenge keeping up with the dynamic nature of cloud environments while threats like cryptomining continue to proliferate,” said Frank Dickson, IDC Group Vice President, Security and Trust. “As an industry plagued by a seemingly insurmountable skills shortage, simply layering more alerts on the SOC does not help. Context matters; context quickly forwards SOC investigations from awareness to understanding by enabling correlations across datasets. Alerts are thus replaced with context-rich incidents that are quickly actionable and facilitate outcomes for customers. In the end, secure outcomes are the goal of every SOC.”
Lacework je prav tako prenovil izkušnjo opozarjanja, da bi organizacijam pomagal bolje sodelovati z ekipami pri določanju prioritet, raziskovanju in sledenju statusu vseh opozoril. To vključuje:
· Kontekstno bogati vpogledi: Bogatejši vpogledi dajejo popolno sliko o tem, kaj se je zgodilo, povezanih dogodkih, časovnicah in drugih podrobnostih, kar organizacijam pomaga razumeti, na kaj se osredotočiti in sprejemati boljše odločitve.
· Nastavljiva dvosmerna sinhronizacija: Ko ekipe posodobijo opozorilo na uporabniškem vmesniku Lacework ali povezano vstopnico v zalednih orodjih poteka dela, kot je Jira, se stanje opozorila samodejno posodobi na obeh straneh z dvosmerno sinhronizacijo za pospešeno razrešitev. Organizacije lahko celo posredujejo povratne informacije o stopnjah resnosti opozoril Lacework, kar nato pomaga podatkovni platformi Polygraph pri učenju in optimiziranju modeliranja za nadaljnje izboljšanje izkušnje z opozarjanjem.
· Enostavno upravljanje življenjskega cikla opozorila: Ekipe lahko lažje organizirajo opozorila, si ogledajo oznake, filtrirajo, da si ogledajo nabor določenih opozoril, spremenijo stanje opozorila, da pokažejo, ali ga je treba raziskati ali je bilo razrešeno, in dodajo komentarje za razvrščanje in boljše sodelovanje z ekipami.
“Lacework relentlessly innovates to deliver features that help customers gain the visibility and controls they need to stay ahead of the evolving threat landscape,” said Arash Nikkar, VP of Engineering, Lacework. “The Polygraph Data Platform is the only cloud security solution to combine automated time series analysis with sophisticated cloud behavioral analytics to build baselines that are tailored to a company’s unique environment. Combined with our enhanced alerting capabilities, we’re making it easier for teams to identify relevant risks and prioritize threats, even as their organization scales, the attack surface grows bigger, and security incidents increase exponentially.”
Modeliranje časovnih vrst je zdaj na voljo strankam Lacework v okoljih AWS. Nastavljive izboljšave dvosmerne sinhronizacije za izkušnjo opozarjanja Lacework so izbranim strankam na voljo v različici beta.
Dodatni viri:
· Obiščite našo ekipo v Black Hat USA na stojnici št. 2440 na razstavnem prostoru.
· Oglejte si blog Lacework, če želite izvedeti več o nov model časovne serije in izboljšano izkušnjo opozarjanja.
· Postanite strokovnjak za osnove varnosti in se naučite več od svojih sodelavcev na področju varnosti in razvijalcev Čipkarska akademija in Čipkarska skupnost.
· Preberite, kaj stranke Lacework moram reči o poligrafski podatkovni platformi Lacework.
O čipki
Lacework is the data-driven security company for the cloud. The Lacework Polygraph® Data Platform automates cloud security at scale so our customers can innovate with speed and safety. Only Lacework can collect, analyze, and accurately correlate data across an organization’s AWS, Microsoft Azure, Google Cloudin okoljih Kubernetes ter ga zožite na peščico pomembnih varnostnih dogodkov. Stranke po vsem svetu so odvisne od Lacework za povečanje prihodkov, hitrejše in varnejše uvajanje izdelkov na trg ter združevanje točkovnih varnostnih rešitev v eno samo platformo. Podjetje Lacework, ustanovljeno leta 2015 s sedežem v San Joseju v Kaliforniji, podpirajo vodilni vlagatelji, kot so Sutter Hill Ventures, Altimeter Capital, D1 Capital Partners, Tiger Global Management, Counterpoint Global (Morgan Stanley), Franklin Templeton, Durable Capital, GV, General Med drugim Catalyst, XN, Coatue, Dragoneer, Liberty Global Ventures in Snowflake Ventures. Začnite pri www.lacework.com.
- blockchain
- kriptokurrency denarnice
- kripto izmenjava
- kibernetska varnost
- cybercriminals
- Cybersecurity
- Temno branje
- oddelek za domovinsko varnost
- digitalne denarnice
- požarni zid
- Kaspersky
- zlonamerna programska oprema
- Mccafee
- NexBLOC
- platon
- platon ai
- Platonova podatkovna inteligenca
- Igra Platon
- PlatoData
- platogaming
- VPN
- spletna varnost
