Fox-IT launched at RSA Conference 2015 in San Francisco its Cyberthreat Management Platform, a suite of solutions, integration tools and expert services designed to provide unified, overarching control of an organization’s entire cyberthreat management operations.
The solution was developed directly from the company’s 15 years’ experience in security research and cyber incident response. It incorporates the same proprietary technology, workflows and intelligence its team of 200-plus security specialists use in cyberthreat management operations for governments, critical infrastructures and global enterprises.
It includes capabilities at every level of cybersecurity operations management:
- Cyberthreat Management Portal: A central tool for cyberthreat management with role-defined views and case handling tools; it provides Security Operations Center analysts and incident response teams with a full workflow-based threat analytics environment while presenting the CISO and C-level with relevant threat and risk information
- Threat Intelligence: Provides context to security events by connecting both applied and contextual intelligence in the platform to see if and how a threat is covered, understand the motives behind an attack and determine the overall risk profile
- Network Module: Detects and mitigates known attacks in real time, enables rapid detection of and response to new threats, and retains forensic data for retroactive investigation
- Endpoint Module: Employs a signature-less approach that enables the detection, mitigation and investigation of both known and unknown threats
- Adaptive Defense Module: A decoy network of endpoints and servers to help discover anomalies and detect targeted attacks using as yet unknown attack vectors or methods, instantaneously triggering investigations and intelligence gathering
- SIEM Integration Log Module: Integrates with any existing SIEM technology through the open common event format standard to provide context and prioritization to security events.
In operation, the Cyberthreat Management Platform significantly strengthens operational capabilities in four critical areas—intelligence, prevention, detection and response— that address not merely known threats but also unknown threats.
Fox-IT delivers the Cyberthreat Management Platform on a fully managed, hybrid or a stand-alone basis. When delivered as a managed security service, the company provides an instant-on, global, 24/7 Security Operations Center staffed with highly skilled security experts.
Organizations that want to be self-sufficient but need help getting started can use the hybrid service delivery option to create an easy path for knowledge transfer to prepare their teams to gradually take over Security Operations Center operations.
The platform and any of its modules are also available as stand-alone components, and will be available in the U.S., Europe, Middle East and Africa regions.