Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Solera Networks Launches ‘Black Box’ For Security Incident Responders

Solera Networks, a provider of security Intelligence and analytics solutions, this week launched a solution designed to help responders understand the impact of security breaches, such as what systems and data were affected, along with what the root cause was and overall impact. More importantly, Solera says, the solution helps security teams determine if the incident is over and won’t happen again.

Solera Networks, a provider of security Intelligence and analytics solutions, this week launched a solution designed to help responders understand the impact of security breaches, such as what systems and data were affected, along with what the root cause was and overall impact. More importantly, Solera says, the solution helps security teams determine if the incident is over and won’t happen again.

Called the “Solera DeepSee BlackBox Recorder”, the product continuously captures all network traffic—including packets, flows, files and applications, and helps incident responders pinpoint the root cause and material impact of a breach while applying precise and effective remediation, the compay said.

Solera Networks Logo“The Solera DeepSee BlackBox Recorder is like having a black box flight recorder for the network—providing incident responders with all the critical information necessary to effectively investigate and resolve a security breach or targeted attack,” explained Steve Shillingford, president and CEO at Solera Networks.

What sets the DeepSee BlackBox Recorder apart from previous Solera offerings is that it can be deployed and installed at no initial cost, the company told SecurityWeek. License purchase is required only when incident responders “break the glass” to retrieve the captured security intelligence when an incident occurs.

“With its ‘break glass when breached’ approach, today’s incident responders and security service providers will immediately realize the value of DeepSee BlackBox Recorder by accessing it after a breach occurs,” the company said in a statement.

The Recorder can be deployed as a DeepSee Virtual Appliance, which supports the capture of up to 10TB or network traffic, or as DeepSee Software, which can support up to 200TB of capacity.

Powered by the company’s “DeepSee” technology, the BlackBox Recorder applies big data security analytics, threat intelligence and network visibility to offer:

Application discovery—classify more than 1,000 applications and thousands of metadata attributes, including content types and file names.

Advertisement. Scroll to continue reading.

Real-time file extraction—automatically extract and analyze any file, including malicious file types.

Root Cause Explorer—create a timeline of suspect Web sessions, email and chat conversations—before, during and after a security breach.

Session reconstruction—obtain a full record of user session activity as it happened in real-time.

Reputation service—reveal the integrity of any IP address, file or email address.

Full layer 2-7 indexing—correlated analytics with direct drill-downs from layer 2 to 7.

The Solera DeepSee BlackBox Recorder is available immediately with a licensing cost of $10,000 per BlackBox Recorder, which includes up to 30 days of use and access.

Additional details on the solution are available here

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.