CSPi Announces ARIA SDS Packet Intelligence Application for Automated Threat Remediation
06 March 2019 - 5:00AM
CSPi Announces ARIA SDS Packet Intelligence Application for
Automated Threat Remediation
CSPi (NASDAQ: CSPI), a provider of cybersecurity and packet
capture products, managed IT and professional services and
technology solutions today announces the ARIA SDS Packet
Intelligence (PI) application at the RSA 2019 conference in San
Francisco. The latest offering in the patented ARIA SDS
portfolio solves the inability to monitor all network traffic, in
some cases up to 80% unmonitored, leading to a sizable blind spot
in network activity. Through the Packet Intelligence application
security resources have complete network visibility, including
east-west traffic, as well as automated capabilities for threat
detection, disruption and network policy enforcement all without
impacting network or application performance. Depending upon
an organization's security needs, the ARIA SDS solution is offered
in several configurations from software only to hardened
appliances.
For organizations that already have threat detection tools,
including SIEMs, UEBA, IDS/IPS integrated into their security
infrastructure the ARIA PI application dramatically improves the
effectiveness and performance. These tools are only as good as the
data that is directed to them for analysis, the greater the
irrelevant data that is ingested, the greater the resulting false
alerts. ARIA PI was designed to feed modern ML and AI detection
enhanced tools with the flow metadata they can ingest to properly
detect critical threats in minutes. ARIA PI can monitor the entire
network East-West as well as North-South and send unsampled network
metadata to these tools allowing them to efficiently detect network
born threats in real-time.
Threat detection is only one step in the chain to remediation.
Analysts often need to fully investigate and scope a threat. ARIA
PI can send specific requested data – that which contains the
actual threat conversations - radically reducing investigative
response (IR) effort and time. Since many organizations have
critical information stored on particular assets, PI can actively
monitor these assets data conversations in their entirety at the
packet level - looking for threats, all while allowing such
conversations to run without performance impact.
Detecting threats quickly and performing rapid IR is only half
the battle. Threats need to be stopped. ARIA PI performs this
function as well: Pushbutton as directed by a SOC analyst- or fully
automated via its APIs that work with most modern SIEMs and SOAR
tool sets. Such commands can be used to stop particular threat
conversations – east west as well as north south and it’s done
independently without impacting network gear and firewalls with
complicated error prone policies. What’s truly unique is the
ability to stop a threat conversation from within the network
without shutting down a particular compromised asset like a
critical server. This can keep production processes running while
safely bringing up backup devices to take over.
These unique capabilities increase not only the speed and
accuracy of detecting network born threats but does the same
for incident remediation – a true breakthrough. The reduced
data can also reduce costs if charges are assessed based upon the
amount of data ingested.
With the central orchestration and management provided by the
ARIA SDS Platform the PI application is not only simple to deploy
but also scales to one or hundreds of instances across a
wide-spread organization. The ARIA PI solution is offered in four
configurations, each designed to meet a variety of security
needs:
Threat AnalyticsThis
fully automated solution identifies and classifies all network
traffic at full line rates of 10G or 25G with no loss of
application performance. The PI Threat Analytics configuration
improves network visibility by providing Netflow metadata and
application ID information for each traffic stream, allowing for
quicker identification of threats.
Passive
DetectionDeployed either through a tap or switch span the
classified and specified traffic streams are directed to the
appropriate security toolsets, including SIEMs, IDS, UEBA, and DLP
for further analysis. Additional, adaptive filtering, including
shunting, allows detection tools to operate more effectively by
focusing analysis on the most relevant traffic.
Active
ProtectionWhen deployed in-line and paired with security
threat detection solutions supporting automated scripts and
workflows including SOAR solutions, threats can be immediately
stopped as they are detected. Direct central management and
control, through the GUI allows SOC teams to quickly stop a threat.
While leveraging the APIs offers the ability to eliminate the
manual effort required to stop the threats. The solution’s
high-availability features provide the resiliency required for
critical production network in-line deployment.
Turnkey
ProtectionThe most robust configuration is a complete
turnkey approach providing full network-based threat detection or
protection via direct integration with third party IDS tools, to
detect threats or if in-line: via IPS to detect and to take
automatic, actions to stop or disrupt threats once detected. This
preconfigured solution gives organizations a cost-effective
centralized and orchestrated way to secure their environment, and
provides the right data needed for security teams to perform any
required IR activities.
To learn more about the ARIA Packet Intelligence application and
other CSPi cybersecurity solutions visit booth #6480, in the North
Expo hall at RSA 2019.
About CSP Inc. CSPi (NASDAQ:CSPI) maintains two distinct and
dynamic divisions – the High Performance Products, including the
Cybersecurity Center of Excellence, and Technology Solutions – with
a shared vision for technology excellence. CSPi’s cybersecurity
solutions are born from network security, data protection and
intelligence initiatives with the department of defense and western
intelligence agencies. This experience provides a unique
perspective to protecting an organization’s critical assets to
minimize, or remove, the impact threats including data breaches.
Our ARIA Software Defined Security platform solves the complexities
associated with securing devops environments, while our Myricom
nVoy Series appliances provide automated breach identification and
notification, enabled by the 10G dropless packet capture inherent
in our Myricom® ARC intelligent adapters. CSPi’s Technology
Solutions division helps clients achieve their business goals and
accelerate time to market through innovative IT solutions and
security services by partnering with best in class technology
providers. For organizations that want the benefits of an IT
department without the cost, we offer a robust catalog of Managed
IT Services providing 24×365 proactive support. Our team of
engineers have expertise across major industries supporting five
key technology areas: Advanced Security; Communication and
Collaboration; Data Center; Networking and Wireless & Mobility.
For more information, please visit www.cspi.com. Myricom and ARIA
are trademarks of CSPi Inc. All other brand names, product names or
trademarks belong to their respective owners.
Amy CareyVP, Corporate & Security Product Marketing
Amy.Carey@CSPi.com
Csp (NASDAQ:CSPIE)
Historical Stock Chart
From Apr 2024 to May 2024
Csp (NASDAQ:CSPIE)
Historical Stock Chart
From May 2023 to May 2024