Netography announced further innovation to its Netography Fusion platform, delivering scalable, continuous network visibility and control required by security operations center (SOC) and cloud operations teams.
Netography Fusion enables organizations to significantly reduce cyber threat risks and costly downtime in real-time with improved security and business context, as well as powerful remediation automation capabilities through alerts, custom detections, and integrations. The platform is the only security product that secures the Atomized Network—including legacy, on-premises, hybrid, multi-cloud, and edge environments.
“Since the pandemic hit, networks have rapidly evolved into composites of multi-cloud, hybrid-cloud, and on-prem infrastructure with mobile and remote workforces. The implications for network security are massive,” said Martin Roesch, Netography CEO. “The Atomized Network is elastic, ephemeral, and encrypted, and organizations are blinded to the composition of their networks and entire categories of attack. This creates gaps where attackers can hide between the technologies and operational teams who use them. Defending the Atomized Network must be done in real-time, detecting and responding to threats as they emerge with a solution architected for the world we are now in.”
Netography Fusion is a cloud-scale, network-centric platform; it reconstitutes capabilities disrupted by the combined impact of encryption in security-as-a-service (SaaS) and Zero Trust environments and atomization and replaces network-scoped capabilities formerly delivered by deep packet inspection (DPI) hosted on appliances. It also provides visibility in places where Endpoint Detection and Response (EDR) solutions simply cannot see independently. A frictionless deployment model enables defenders to secure their Atomized Networks immediately, when, and where needed.
Newly added context labels and tagging allow security and cloud teams to visualize and analyze networks by application, location, compliance groups, or any other scheme. The UX/UI provides analysts with a flexible and optimized workflow to pivot and analyze massive amounts of data quickly.
“Multiple teams, including the SOC and Cloud Ops teams at FICO are continuing to expand their use of Netography Fusion’s scalable network visibility and control platform,” said Shannon Ryan, Senior Director, Core Security Services and Architecture, FICO. “The addition of context labels enables new use cases, including policies that we can apply to specific applications or our on-premises or multi-cloud infrastructure, enabling us with visibility and alerts for specific compliance controls. Context labels also make it easier for more team members to analyze incidents and answer audit questionnaires quicker.”
Netography Fusion customers also:
- Close visibility gaps: From north-south to east-west and cloud to cloud only Netography Fusion provides the actionable visibility teams need.
- Analyze incidents and alerts with context: Context labels are provisioned by loading context from both cloud and on-prem infrastructure, allowing custom searches with Netography’s Query Language (NQL) to set up detections, alerts, and reports all with security or business context.
- Squash silos between teams: From security operations to IT to cloud operations, DevOps, threat hunters, forensics, and risk and compliance, all benefit from a single source of truth, the enriched Flow logs, and context.
- Lower mean time to detect (MTTD): Netography Fusion’s robust visualization and graphing interfaces combine with NQL and Netography Detection Models (NDM) to enable security teams to stop attacks quickly and limit the “blast zone” of those attacks.
- Lower mean time to respond (MTTR): Teams will have unprecedented control to limit downtime and the costs associated with remediating post intrusion. Regaining control of your network in the face of a successful breach is key to minimizing the cost of breaches and getting back to business.
- Supercharge threat hunting: Forensics teams can achieve gap-free visibility and flexible data retention policies to investigate incidents, understand the attack path and implement proactive measures to prevent future intrusions and reduce attacker dwell time.
- Accelerate audits and improve compliance: Streamline audits and proof of network policy enforcement with context labeling, tagging, and flexible retention capabilities. Teams can isolate network traffic visibility and control by application, location, line of business (LOB), asset type, and more.
- Get more out of existing tech stack: Extend endpoint visibility and control capabilities to devices and network points that do not support agents, or simply cannot do so cost-effectively. Teams gain comprehensive support for alerting platforms like PagerDuty, Slack, Teams, Twilio, and more via Webhook functionality.