UPDATED 09:00 EST / FEBRUARY 09 2022

SECURITY

Gigamon’s new ThreatINSIGHT release offers teams visibility into historical network data

Cloud visibility and analytics company Gigamon Inc. today announced a new release of its network detection and response solution.

The latest release of ThreatINSIGHT Guided-SaaS NDR offers teams visibility into historical network data and the tools to use that data to identify adversary activity across the MITRE ATT&CK framework.

Gigamon noted that the average adversary dwell time is now more than 285 days, giving adversaries the opportunity to find and breach an organization’s most sensitive data and intellectual property, aiming to hold it for ransom. The company argues that other NDR solutions typically provide 30-day data retention, missing these “low and slow” threats.

The new version of Gigamon ThreatINSIGHT is said to be the only NDR to address extended dwell times with 365-day retention of rich network metadata. The use of long data retention enables more proactive threat hunting, lessening the pressure of ransomware, advanced persistent threats and cybercrime that results in 70% of security operations center teams reporting burnout.

Gigamon says ThreatINSIGHT Guided-SaaS NDR equips security teams with ten times longer data retention than other NDR offerings on the market, enabling better threat hunting, including extended detection and response programs. SOC analysts can also respond with immediate validation on whether newly reported vulnerabilities have been exploited in the past.

The new release includes guided playbooks that are designed to empower investigators to identify attackers based on real-world behaviors – all within a few mouse clicks and guided by battle-tested playbooks.

Gigamon ThreatINSIGHT Guided-SaaS NDR includes support for parallel hunting, which allows SOC teams to coordinate faster with more effective threat hunting efforts across the globe via parallel queries and investigations. When combined with guided playbooks, the company says, SOC teams can rapidly leverage their institutional knowledge to stay ahead of attackers.

Extended reporting with 90-day at-a-glance dashboards assists organizations who are required to comply with reporting mandates following data breaches. A lack of historic network visibility can impede compliance, digital forensics and audit efforts across the organization. ThreatINSIGHT provides a 90-day dashboard to support compliance needs by offering organizations unparalleled visibility into their networks, according to Gigamon.

“Every new data breach, insider threat and ransomware attack underscores the need for high-fidelity detections that are as effective as adversaries are persistent,” Michael Dickman, chief product officer at Gigamon, said in a statement.

Image: Gigamon

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU