CONFERENCE Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit - Join the Event
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Solera Networks Launches ‘Black Box’ For Security Incident Responders

Solera Networks, a provider of security Intelligence and analytics solutions, this week launched a solution designed to help responders understand the impact of security breaches, such as what systems and data were affected, along with what the root cause was and overall impact. More importantly, Solera says, the solution helps security teams determine if the incident is over and won’t happen again.

Solera Networks, a provider of security Intelligence and analytics solutions, this week launched a solution designed to help responders understand the impact of security breaches, such as what systems and data were affected, along with what the root cause was and overall impact. More importantly, Solera says, the solution helps security teams determine if the incident is over and won’t happen again.

Called the “Solera DeepSee BlackBox Recorder”, the product continuously captures all network traffic—including packets, flows, files and applications, and helps incident responders pinpoint the root cause and material impact of a breach while applying precise and effective remediation, the compay said.

Solera Networks Logo“The Solera DeepSee BlackBox Recorder is like having a black box flight recorder for the network—providing incident responders with all the critical information necessary to effectively investigate and resolve a security breach or targeted attack,” explained Steve Shillingford, president and CEO at Solera Networks.

What sets the DeepSee BlackBox Recorder apart from previous Solera offerings is that it can be deployed and installed at no initial cost, the company told SecurityWeek. License purchase is required only when incident responders “break the glass” to retrieve the captured security intelligence when an incident occurs.

“With its ‘break glass when breached’ approach, today’s incident responders and security service providers will immediately realize the value of DeepSee BlackBox Recorder by accessing it after a breach occurs,” the company said in a statement.

The Recorder can be deployed as a DeepSee Virtual Appliance, which supports the capture of up to 10TB or network traffic, or as DeepSee Software, which can support up to 200TB of capacity.

Powered by the company’s “DeepSee” technology, the BlackBox Recorder applies big data security analytics, threat intelligence and network visibility to offer:

Application discovery—classify more than 1,000 applications and thousands of metadata attributes, including content types and file names.

Real-time file extraction—automatically extract and analyze any file, including malicious file types.

Advertisement. Scroll to continue reading.

Root Cause Explorer—create a timeline of suspect Web sessions, email and chat conversations—before, during and after a security breach.

Session reconstruction—obtain a full record of user session activity as it happened in real-time.

Reputation service—reveal the integrity of any IP address, file or email address.

Full layer 2-7 indexing—correlated analytics with direct drill-downs from layer 2 to 7.

The Solera DeepSee BlackBox Recorder is available immediately with a licensing cost of $10,000 per BlackBox Recorder, which includes up to 30 days of use and access.

Additional details on the solution are available here

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

SpecterOps has appointed Tim Bender as CFO, Pat Sheridan as CRO, and Bryce Hein as CMO.

CISA has officially announced the appointment of Madhu Gottumukkala as its new deputy director.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.