At ProtectWise, we are big believers in enhancing our customers' existing security architecture. Every organization is different and maintains a different level of security investment, often comprised of a wide array of security technologies. In any of these environments, our cloud-delivered enterprise security platform can amplify the existing strategy by providing greatly increased visibility across even the most widely dispersed and complex network environments along with a high fidelity copy of the raw network traffic, and automated real-time and retrospective threat detection on that entire haystack.
We are also strong believers in the collective, correlated opportunity for threat detection. We take advantage of the cloud form factor to create shared wisdom and experiences across enterprise networks. The result is a ‘safety in numbers' effect where the whole is greater than the sum of its parts--something we refer to as collective, scalable security.
In addition to collective security, we believe that competent threat detection, forensic analysis and incident response require bringing many forms of analysis and context together continuously into a single form factor to greatly accelerate real work done by real people. Data analysis should be intuitive and expedited by surfacing the most important security events to the top. This correlated approach to analysis should also empower incident responders to ‘go deep' by providing direct access to the entire data set, all the way down to the raw network data itself, on demand and instantaneously.
We are not the only ones who believe that in order to be effective, detection must be collective and correlated. In a recent blog post, Netflix announced the public release of its Fully Integrated Defense Operation (FIDO), which is designed for "automatically analyzing security events and responding to security incidents." As they state in the blog post:
The typical process for investigating security-related alerts is labor intensive and largely manual. To make the situation more difficult, as attacks increase in number and diversity, there is an increasing array of detection systems deployed and generating even more alerts for security teams to investigate.
Netflix, like all organizations, has a finite amount of resources to combat this phenomenon, so we built FIDO to help. FIDO is an orchestration layer that automates the incident response process by evaluating, assessing and responding to malware and other detected threats.
We are proud to be one of the leading security providers playing a role in FIDO, but more importantly, we applaud FIDO as an effective, lean-forward security strategy.
This era of visibility and collaboration is only now beginning and we are thrilled to have a part in moving it forward.
Next blog post