One Article Review

Source AlienVault Blog
Identifier 462740
Publication date 2018-01-31 14:00:00 (seen: 2018-01-31 14:00:00)
Title Threat Detection in a Changing Market: A Conversation with AlienVault MSSP Partner Sword & Shield
Text Recently, I had a chance to speak with Jason Graf, director of managed security services for Sword & Shield Enterprise Security, a top Managed Security Services Provider (MSSP) based in Knoxville, Tennessee. We talked about the evolving threat landscape and the challenges associated with detecting and analyzing ransomware and other emerging threats on a daily basis.

Graf started the discussion by providing context around Sword & Shield’s business, which has been protecting critical data for mid-to-large-sized companies for more than 20 years. The company started focusing on managed security services five years ago as attacks became more sophisticated and burdensome for companies. The MSSP’s core business is to provide 24/7 detection and response capabilities against cyber threats for its customers. “Sword & Shield combines expert analysts, proprietary processes, and advanced technology to protect our clients around the clock, 365 days a year. We take this responsibility seriously, so we only use technology that is up to the task.”

Graf went on to explain that Sword & Shield’s managed security services also help companies achieve industry compliance. “Compliance is a key driver of our services, particularly for companies in the healthcare and retail industries that need to satisfy regulatory and industry requirements.”

Graf said the Sword & Shield team of security analysts monitors from 1,000 to 20,000 assets per customer environment - every day. That’s a lot of assets! Not only are there more assets than ever to monitor today, but security threats are also getting more complex and harder to detect.

Sword & Shield relies on AlienVault® Unified Security Management® (USM™) to detect and analyze their customers’ threats. USM includes built-in security controls and continuous threat intelligence updates from AlienVault Labs to simplify threat detection and incident response. A unified approach to security monitoring eliminates the need for Sword & Shield to manage multiple solutions, saving them time and money.

Sword & Shield also leverages threat intelligence updates from AlienVault’s Open Threat Exchange® (OTX™), which monitors emerging threats from all over the world. By leveraging USM and OTX, Sword & Shield can focus on delivering value to their customers through threat detection and SOC data analysis to more rapidly grow their managed security services.

Graf likes the comprehensiveness of USM as compared to other security solutions. He explained that it goes well beyond just providing traditional capabilities of SIEM and log management. “While other providers offer point solutions, AlienVault’s USM provides a holistic, unified solution with essential capabilities including intrusion detection and vulnerability management.”

For Sword & Shield, pinpointing where hacker command and control communications are before they are used for malicious activities is important. The MSSP can consolidate their alarms, vulnerabilities and configuration issues into a single view through USM Central, our threat management console available with the USM platform. A consolidated view of the threats detected in their end customer environments enables Sword & Shield to work more efficiently and respond more quickly to any security incidents detected.
Sent Yes


The article does not appear to have been picked up after its publication.


The article does not appear to be a follow-up to an earlier one.