Threat Management
The Security Dashboard Module (SDM) provides you with immediate single-source access to all threat data, including an easy-to-use, instant view of prioritized security threats and the underlying data that created them. It allows you to correlate data and prioritize security threats from multiple security, network and server sources, including network, global and posted vendor threats, as well as detected vulnerabilities.
The SDM enables you to instantly identify the most critical network threats, determine the best path for remediation and gather data for forensic reporting. Because of its extensible architectural design, the SDM requires no tuning or correlation rules, so you don’t waste time attempting to integrate complex SIM software with third-party security products or implementing, updating and maintaining multitudes of SIM correlation rules.
Features:
The SDM makes security event management successful because it makes alerts from multiple and complex sources more relevant and useful to both operators and management by linking threats to the business assets they target. An organization focuses its security resources on “what really matters” on a daily basis. The SDM brings clarity and facilitates operational excellence. It automatically maps threats to assets within various network segments or even lines of business with required remediation recommendations. Security operations’ performance, actions and risk are directly visible and relevant to business managers and operations personnel. All of this intelligence is obtainable through GDG’s innovative minimal maintenance approach. Other benefits include being able to create security operations performance metrics, proving ROI and the beneficial effects of new technologies and programs. GDG’s security event management solution delivers so much more value beyond alert prioritization and vulnerability scanning.
The SDM’s approach is different from the high maintenance strategy required by other security event management (SEM) products. Its embedded database is scalable to global enterprise levels, yet optimized to the SDM’s needs. No DBA, database experience (or expensive Oracle license) required. The SDM’s patent-pending behavioral correlation algorithms automatically identify threats before they become compromises, and require nothing more than limited access to your corporate network to keep the SDM’s internal asset and threat database up to date. So you’re up and running immediately, and instead of spending time implementing and managing the SEM alert correlation rules, you’re successfully saving money and time, protecting your network, and mitigating network security risk.
Routinely handling many millions of events per day in real-time, the SDM was architected from the ground up to deliver true real-time performance without the expensive and disruptive hardware infrastructures that other security event management systems require. With different data paths for correlation, persistence and alert analysis, the SDM’s architecture truly delivers the right data for consistent, predictable, easily manageable performance. The SDM is the only turnkey enterprise-scale security event management product that is fast and efficient enough to scale up to global implementations with thousands of sensors and unlimited numbers of corporate assets.
SDM makes security alerts more relevant and useful to both operators and management by linking threats to assets they target. The SDM automatically and continuously correlates, consolidates, and prioritizes all of an organization’s threats and vulnerabilities into a single simple screen. Through its simple point-and-click design, the security analyst can open additional “drill down” screens to obtain the underlying data and necessary details to easily identify and remediate the threat or vulnerability in question.
SDM reduces false positives and enhances alert relevance by matching inbound event data from GDG’s intrusion detection / prevention sensors and vulnerability scanner (VS) results. This process escalates attacks that have the highest potential to be successful, and modifies the risk associated with other attacks based on correlation of VS scan results and age of the alert.
SDM enables smarter preventative planning by delivering a complete overview of an organization’s exposure and security risks within the global community. In short, you benefit from the knowledge, experience, and activities occurring in real-time. The SDM continuously monitors and updates its repository of all known alerts, threats, vulnerabilities and IDS signatures, which are collected, integrated, correlated and normalized by GDG from a global community of external sources.
SDM displays a prioritized list of posted independent software vendor threats and automatically correlates them with your corporate assets. Posted vendor threats which your assets are NOT vulnerable to will not be displayed. Via the simple and intuitive user interface (UI), analysts are able to easily drill down through each posted vendor threat to review the ‘Threat Detail’ to locate the system(s) requiring remediation. Subsequently drilling down on the IP address link on the Vulnerable Systems page will open the latest Vulnerability Report for each system, providing threat information including remediation guidance.
You can customize the security threat level to meet the demands of your corporate security posture. The SDM automatically allocates every identified signature, behavioral alert, and known exploit into a user-extendable taxonomy, representing the intrinsic risk of each attack. The risks can be modified according to your security posture, and custom correlation rules can be added to tune pre-exploit threats.
The risks and costs an organization faces are dramatically reduced the faster an attack is dealt with. To help ensure speedy resolutions, the SDM reduces the need for front-line operators to escalate threats to higher level security professionals by providing enriched remediation procedures and patches to qualified IT resources, enabling faster tier-one remediation and mitigation procedures.
The SDM enables managers to make informed resource allocation decisions by reporting and analyzing operational response times, resolution metrics and team efficiency. Through the online reporting capabilities, managers and department heads can effectively assess corporate security risks and monitor assigned remediation activities right down to the individual employee.
New topology views allow operators to see the “anatomy of an attack.” Multi-dimensional management reports and analyses, both interactive and batch-based, can be accessed via user-specific dashboards. Combined with comprehensive role-based security, audit analyses and GUIs, the SDM securely delivers the right information to the right users the right way.