3 Ways 5nine Software Aligns with Gartner’s 2016 List of Top Information Security Technologies
Every year the Gartner Security & Risk Management Summit provides security, governance and business continuity executives with the practices and strategies they need to maintain cost-effective risk management programs. At this year’s Summit they issued a press release highlighting the top technologies for information security in 2016. These technologies have clear alignment with 5nine’s strategic roadmap, as many of them are already embedded into the DNA of several 5nine solutions.
Topping Gartner’s list was emerging technologies for both endpoint and cloud security:
- Behavior analytics and machine-learning techniques can enable organizations to continuously analyze data for earlier identification of exploits and breaches (both outside and inside threats). The technology enables organizations to rapidly respond to those attacks even in the absence of existing malware or attack signatures.
- Machine learning-based malware prevention that uses mathematical models and advanced pattern analysis can be used in addition to, or as an alternative to, signatures for malware identification and blocking. Gartner states that purely signature-based approaches for malware prevention are ineffective against advanced and targeted attacks.
- User and entity behavioral analytics (UEBA) can enable broad-scope security analytics, much like security information and event management (SIEM) enables broad-scope security monitoring. UEBA provides user-centric analytics around user behavior and event correlation. This type of correlation makes the results of security analytics more accurate and threat detection more effective.
Machine learning, pattern analysis and adaptive analytics are all techniques embedded into the intelligence of 5nine Cloud Security.
Our extensive competencies in machine learning algorithms, neural networks and security analytics, as well as our deep knowledge of virtualization technologies, have allowed us to create innovative security solutions that detect and protect organizations from both known and yet-to-be-documented exploits and malware.
5nine Cloud Security leverages these techniques to protect cloud environments on different levels and in the following functional areas:
Our anomaly analysis system is based on an adaptive machine learning algorithm, which compares current network traffic and application requests with previously built patterns. It enables organizations to detect both known and not-yet-documented exploits and intrusion attempts, and also allows for proactive data forensics (anomaly analysis and security statistics modules). 5nine Cloud Security also enables organizations to collect all network traffic data from the Microsoft virtual switch, and subsequently export it to various security analytics and forensics systems including Splunk and Microsoft OMS (https://www.microsoft.com/en-us/cloud-platform/operations-management-suite).
Our virtual firewall isolates and safeguards virtual machines by way of a very simple management interface used to create security rules (for network traffic and packet analysis); rules can also be created programmatically via PowerShell or REST APIs. The solution is elegantly implemented via an agentless, patent-pending filtering extension that does not require installing any software into the virtual machine.
Agentless Anti-Malware Scanning
Our agentless anti-malware scanning capability provides non-intrusive, resource-saving protection of both virtualization hosts and virtual machines. Its scans are the fastest in the industry and utilize patent-pending AV virtual disk change block tracking technology.
Our intrusion detection system uses the same filtering extension as our virtual firewall, matching the traffic against Cisco SNORT for Business signatures.