In your SOC, great data analysis needs great data collection – Snare from Prophecy International

28 October 2018


Prophecy International’s takeover of Snare in 2011 has helped the cybersecurity company reach new markets right across the world, with clients including Boeing, Lockheed Martin, and the US Navy.

With a customer list like that, anyone interested in the company’s Snare product will know that their cyberdefenses are in the safest of hands. And with sales growing 500 percent in the three years between 2012 and 2015, any new customers certainly won’t be alone in their need to source the best threat intelligence platform out there.

Any SOC is effectively a data processing hub, albeit one that cannot let its attention drift for a moment. Whichever direction an organization may go in its digital journey – a full transformation or a tentative move towards XaaS solutions in the cloud – the security function in the business needs to be able to protect.

Snare is, therefore, the perfect fit. It’s not a rip-out-and-replace cybersecurity solution; it’s designed to work alongside all network protection devices and technologies, from a simple edge-protecting stateful firewall to the most advanced SIEM.

Prophecy International – Snare

So while log file parsing and examination remain the critical components in risk management, the massive amounts of data flowing across the security function’s virtual desks today mean that modern defense tools like Snare need to drastically reduce detection and resolution times, as well as driving adherence to compliance regulations.

The Snare platform’s numerous data connectors mean it is as able to look at individual PC logs in HR and Payroll, for example, as it is to intelligently sift output from high-end anti-DNS spoofing algorithms.

The analytics-driven security approach from Snare’s threat management platform gives businesses the edge and affords them the valuable time that makes the difference between a costly breach and the continued protection of sensitive information.

Attacks and human errors alike can throw up alerts and raise red flags, so seeing these via trends and patterns in data, in near real-time, is the first step in a detection process that Snare helps manage. Its threat detection platform ensures that SIEM systems are not overburdened by superfluous data. Then, defined KPIs mean response teams will only need to react to actual threats, not to every false positive.


Snare’s threat intelligence solution lets SOCs create visual dashboards at will, according to any specific need. Additionally, there is a range of templates available that provides the basis for even the most complex of reports. Whether it’s ensuring continued compliance with data governance or a simple monthly management round-up (with dashboard-derived visuals), Snare comes with the help you need, out of the box.

At its heart, Snare’s log parsing and management are both quick and lightweight, and very fast to deploy and get running effectively. Snare combines real-time log monitoring and the compilation of forensic trails. Additionally, the archive options mean that there’s a minimum of resource required to store many years of logs and security records.

Snare Agents work alongside legacy systems, collecting logs from various sources, and aggregating them for forensics and analysis. Snare Server can be deployed in-house, or in the cloud, and the platform snaps into whatever topology you’re currently using – AWS, bare-metal, private cloud and so on.

Aggregated system logs track activities right across a diverse network and give early indicators that a perimeter has been breached, or that there’s anomalous internal activity. With speed of the essence, Snare means your SOC gets the maximum time possible to respond and investigate.


Accompanying every new type of threat there often comes a new cybersecurity method, algorithm or device. Protecting a network and its users means, therefore, an increasing amount of data that needs to be combed through so that no incident is allowed to cause havoc.

With the Snare threat intelligence platform, security teams get a real-time threat detection solution with fast deployment, out-of-the-box compliance, insightful dashboards (with same-screen drill-down), and the invaluable time that creates the difference between a safe environment and an incident waiting to happen.

To learn more about Prophecy International and the Snare threat intelligence, SIEM, logging, archive and compliance platform, get in touch with a representative. Or, why not try the Snare agents, free for 45 days?


Prophecy International