Solera Networks, a provider of security Intelligence and analytics solutions, this week launched a solution designed to help responders understand the impact of security breaches, such as what systems and data were affected, along with what the root cause was and overall impact. More importantly, Solera says, the solution helps security teams determine if the incident is over and won’t happen again.
Called the “Solera DeepSee BlackBox Recorder”, the product continuously captures all network traffic—including packets, flows, files and applications, and helps incident responders pinpoint the root cause and material impact of a breach while applying precise and effective remediation, the compay said.
“The Solera DeepSee BlackBox Recorder is like having a black box flight recorder for the network—providing incident responders with all the critical information necessary to effectively investigate and resolve a security breach or targeted attack,” explained Steve Shillingford, president and CEO at Solera Networks.
What sets the DeepSee BlackBox Recorder apart from previous Solera offerings is that it can be deployed and installed at no initial cost, the company told SecurityWeek. License purchase is required only when incident responders “break the glass” to retrieve the captured security intelligence when an incident occurs.
“With its ‘break glass when breached’ approach, today’s incident responders and security service providers will immediately realize the value of DeepSee BlackBox Recorder by accessing it after a breach occurs,” the company said in a statement.
The Recorder can be deployed as a DeepSee Virtual Appliance, which supports the capture of up to 10TB or network traffic, or as DeepSee Software, which can support up to 200TB of capacity.
Powered by the company’s “DeepSee” technology, the BlackBox Recorder applies big data security analytics, threat intelligence and network visibility to offer:
• Application discovery—classify more than 1,000 applications and thousands of metadata attributes, including content types and file names.
• Real-time file extraction—automatically extract and analyze any file, including malicious file types.
• Root Cause Explorer—create a timeline of suspect Web sessions, email and chat conversations—before, during and after a security breach.
• Session reconstruction—obtain a full record of user session activity as it happened in real-time.
• Reputation service—reveal the integrity of any IP address, file or email address.
• Full layer 2-7 indexing—correlated analytics with direct drill-downs from layer 2 to 7.
The Solera DeepSee BlackBox Recorder is available immediately with a licensing cost of $10,000 per BlackBox Recorder, which includes up to 30 days of use and access.
Additional details on the solution are available here.