Logtrust launches real-time integrated threat analytics
Big data analytics specialist Logtrust is using RSA to launch a new solution for delivering real-time, integrated threat analytics.
The program enables companies to build solutions that analyze the historical behavior of systems and attackers in order to detect, understand and eliminate potential threats in real-time — even those that are coming from multiple sources, across multiple devices.
Key features of the Logtrust solution include the ability to continuously ingest multiple log formats and to conduct searches and queries on live and historical data via a simple point-and-click interface, without complicated coding.
Fast historical analysis can be carried out, allowing analysts to selectively slice/dice and replay network sessions and events, and visualize the data through graphs and diagrams. It can uncover live communications occurring with adversaries, hunt for dynamic event data changes in topology, and search for both passive and active new event data changes.
In addition, it allows real-time monitoring on all ports, protocols, perimeters and internal traffic, and detection of volume changes for high-value asset data traffic that may indicate suspicious activity.
“Under the barrage of constant cyber attacks, organizations are blindsided by misleading indicators and often can’t determine why and when a security-related event has occurred,” says Pedro Castillo, CEO of Logtrust. “The number of moving pieces that cyber security teams have to monitor, correlate and analyze is prohibitive, leaving companies exposed.”
Through its partnership with Panda Security, Logtrust’s solution also enables key capabilities of the Panda Adaptive Defense next-generation endpoint protection solution, such as the recording, visualization, analysis and reporting of endpoint and user events in real-time, for any period.