Adds high-value, low-cost cybersecurity layer to EventTracker platform
to detect internal or external fraud and get specific, local threat intelligence fast
COLUMBIA, Md.— EventTracker, a leading provider of comprehensive and co-managed SIEM solutions, today announced EventTracker HoneyNet, a managed security service that enables any-sized enterprise to add a deception network layer to its cybersecurity defenses.
Forensic analysis of data breaches points to how long it takes to detect attacks and how current cybersecurity layers miss them:
- On average, attackers are active approximately 200 days in a network before detection
- More than 75 percent of all network intrusions are traced back to compromised credentials
- Almost all victims had up-to-date antivirus, which failed to detect or stop attacks
- The majority of the breaches were identified and reported by third parties, not by internal security systems
These facts make the case for EventTracker HoneyNet very compelling, because it provides a deception network that detects attackers early while simultaneously slowing them down: a two-pronged counterattack, which is powerful and effective. As hackers attempt to map the network, they trigger the virtualized lures, which detect the suspicious activity, provide false data to attackers and alert network administrators to the threat. Furthermore, deception delays the attacker and forces the attacker to “waste” time discerning what is real on the network.
EventTracker HoneyNet is a comprehensive solution that includes both technology and managed services for implementing, operating and monitoring to achieve rapid time-to-value and a high level of effectiveness. By delivering deception as a service, EventTracker enables enterprises to get results instantly—safer networks, better endpoint security, earlier detection of intrusion and threat intelligence that is relevant and specific to their own environments.
“Decoy networks are low cost and deliver high value, but configuring, maintaining and monitoring costs and complexity have put them out of reach for resource strapped IT teams,” said A.N. Ananth, co-founder and CEO of EventTracker. “Technology is only 15 percent of what you need. Our managed service is a complete solution with everything needed to make this highly effective approach feasible for the small and mid-market enterprise. Without services, most enterprises cannot get to the outcomes they want from a deception network.”
A honeynet, essentially a collection of honeypots, contains virtualized decoys that mimic desktops, servers, printers and other technology present in the network. Attacking hackers sniffing around a network looking to expand out from their beachhead cannot differentiate between decoy machines and the real thing. Decoys are maintenance-free until someone touches them, but at that point, any interaction can be presumed to be hostile. Integrated with the EventTracker Console, HoneyNet alerts network administrators of the suspicious activity and provides them with a situation awareness view of their network. The result is a very high-signal, low-noise solution that can help to uncover both internal and external threats and prevent alert fatigue. More critically, while other threat intelligence feeds offer information about global attacks, EventTracker HoneyNet delivers threat intelligence specific to the local environment.
Available as on-premise or cloud-based managed services, the EventTracker platform is a comprehensive suite of tools for threat detection and response that comprises SIEM, vulnerability scanning, intrusion detection, behavior analytics and other defense in-depth capabilities within a single management platform.
EventTracker’s advanced security solutions protect enterprises and small businesses from data breaches and insider fraud, and streamline regulatory compliance. The company’s EventTracker platform comprises SIEM, vulnerability scanning, intrusion detection, behavior analytics, a honeynet deception network and other defense in-depth capabilities within a single management platform. The company complements its state-of-the-art technology with 24×7 managed services from its global security operations center (SOC) to ensure its customers achieve desired outcomes—safer networks, better endpoint security, earlier detection of intrusion, and relevant and specific threat intelligence. The company serves the retail, hospitality, healthcare, legal, banking and financial services, utilities and government sectors.
EventTracker is a division of Netsurion, a leader in remotely-managed IT security services that protect multi-location businesses’ information, payment systems and on-premise public and private Wi-Fi networks. www.eventtracker.com. Twitter: @logtalk.
Deb Montner, Montner Tech PR