SecurityWeek

Bradford Networks Automates Threat Containment Process With New Offering

New Rapid Threat Response Product Automates Threat Triage Process to Contain Threats in Real Time

Bradford Networks, a provider of threat response solutions, today unveiled a new offering designed to help organizations rapidly contain advanced cyber threats.

Dubbed “Network Sentry/RTR”, the new solution leverages a “Live Inventory of Network Connections” (LINC) and customized integrations with firewall and threat detection solutions to automatically correlate high fidelity security alerts with compromised endpoints, the company said in an announcement.

“The growing volume and complexity of security events that need to be triaged make it impractical and irresponsible to attempt to respond and remediate threats manually, yet even the most sophisticated organizations remain hamstrung by manual processes for incident response,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “As a result, problem isolation and containment can take days or weeks. Automating incident response activities may be the best way to address this problem. By integrating technologies, streamlining operations, accelerating root cause analysis, and automating remediation tasks, Bradford Networks is addressing this critical industry-wide problem head on.”

According to Boston-based Bradford Networks, key features of Network Sentry/RTR include:

Network Visibility: Delivers a Live Inventory of Network Connections (LINC) across all wired, mobile and VPN endpoints to automatically identify and control every device, user and connection to the network;

Correlates High Fidelity Security Alerts: Automatically correlates the IP address provided by the firewall or threat detection solution to the compromised devices, users and applications;

Boosts Intelligence with Context-Aware Security Data: Adds context to security alerts, such as user name, security group, device type, additional devices owned by the same user, installed applications, operating system, wireless access point and wired switch port, connection duration and endpoint compliance, to provide a broader perspective of the business impact and risk;

Context Aware Automation: Automatically takes a response action on a non-compliant, compromised or risky endpoint, such as auto-block, restrict, or remediate, and notifies IT staff in real time, based on pre-defined security policies;

Dynamic Policy-Driven Access: Dynamically controls every user’s and endpoint’s level of network access based on trust and risk, combined with business-criticality;

Accelerates Forensic Investigations: Integrates with Network Sentry/Analytics to provide long-term analysis and forensics information to simplify and accelerate cyber threat investigations.

“In today’s cyber threat landscape, companies need to move from a strategy of solely focusing on prevention to one that enhances detection and rapid response,” said Tom Murphy, chief marketing officer at Bradford Networks. “By creating seamless workflows that bridge the gap between the SOC [security operations center] and the NOC [network operations center], and automating complex triage processes, Network Sentry/RTR delivers the missing piece in rapid threat response and can contain threats in seconds.” 

Network Sentry/RTR is available immediately and can be deployed as a physical appliance, virtual appliance, or cloud service. 

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
