Trend Micro has added advanced analytics capabilities to its network security solution, Deep Discovery.
The new analytics features will enable customers to streamline investigations and incident response, using automated analysis and correlation of network events.
The solution is intended to help organisations to address the increasing number of threats with limited IT security resources.
In addition to the new network analytics capabilities, Deep Discovery has enhanced the sharing of advanced threat information or indicators of compromise (IOCs) by leveraging standards-based formats and transfers (STIX, TAXII, YARA). All compatible security solutions an organisation uses, including the entire Trend Micro product family and third-party products, will have up-to-the-minute threat intelligence. This simplifies IOC management for stretched IT teams.
The network analytics capabilities enable security teams to rapidly discover the first point of compromise and which other users on a network have been impacted, and to identify command and control servers or other malicious sites that the threat might be attempting to contact.
By providing a prioritised view of advanced threat detections, it helps IT security teams automate investigations for quicker action, saving them time and allowing them to focus their limited resources on other activities. In addition, the solution accelerates remediation efforts and even prevents further attacks thanks to information displayed across the attack lifecycle.
"Nobody likes to be blindsided. Security professionals need to be able to see what is happening across their network and respond quickly when needed. They need to be able to filter the noise so they can focus on critical tasks," said Eric Skinner, vice president of solution marketing for Trend Micro. "The new network analytics capabilities of Deep Discovery do just that, empowering organisations struggling with skills shortages to keep themselves protected and productive."