Network threat detection solution combines real-time system and traffic recording capabilities

Rohde & Schwarz Cybersecurity has launched a fine-grained network threat detection solution. It provides detailed data to security information and event management (SIEM) systems and threat intelligence platforms. The solution offers full traffic visibility in real time via insights from the DPI engine. Combined with the advanced analytics afforded by machine learning and anomaly detection technologies, it enables businesses to detect both known threats that have a documented detection signature, as well as new attacks and abnormalities not previously identified and difficult to spot using classical cybersecurity tools. These new and complex attacks can be exposed by correlating heuristic data and behavioural analysis as well as by extracting content and metadata of network traffic. When linked to threat intelligence platforms or SIEM tools such as Splunk, the collected data is analyzed and correlated to alert and detect on abnormal network behaviour to apply security policies. The solution also includes network traffic recording abilities delivering fine-granular visibility of traffic history for accurate forensic analysis and threat qualification. “The advanced threat detection solution provides an all rounded approach to threat analytics: from classical IDS-like alarms to identification of potential anomalies and threats based on correlated deep traffic information and statistics in time,” said Irina Palade, Product Manager at Rohde & Schwarz Cybersecurity. “This makes it possible to detect compromised hosts, spot lateral movement or network malfunction – whether it’s malware, insider action or advanced persistent threat.” “The solution provides a key source of threat intelligence not only to protect against zero-day attacks and to reduce detection-to-containment times but also to aid in the follow-up investigation to make security improvements after a threat has been neutralized,” added Jarrod J.S. Siket, chief marketing officer at Napatech. Black Hat Europe, Booth 205 and 206, EXCEL London, December 4-7