SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Arbor brings order to the chaos with new security platform
Fri, 26th Feb 2016
FYI, this story is more than a year old

Arbor Networks has introduced a new security platform for advanced threat protection. Known as Arbor Networks Spectrum, the platform is designed specifically for security teams and provides the means to search the entire network to uncover, investigate and prove sophisticated attack campaigns in a timely manner.

Arbor Networks Spectrum integrates ATLAS global threat intelligence with real-time visual workflows and analytics of all network and threat activity, past and present.

Active Threat Level Analysis System (ATLAS) is a global collaborative platform with more than 300 Arbor service provider customers sharing traffic and threat data, giving Arbor visibility into approximately one-third of all internet traffic.

Arbor's Security Engineering and Response Team (ASERT) utilises a combination of ATLAS information, in-depth malware research and data from real-time botnet activity monitoring to understand current threats. ASERT knows when an attack is launched, and what data the attackers are receiving back, enabling Arbor to provide much needed risk context.

Integrating ‘speed of thought' workflows and Arbor's visibility into threat actor activity happening on the global internet enables security teams to see internal conversations and lateral movement of attackers on customer networks in order to reduce business risk from advanced cyber-threats.

Sam Curry, Arbor Networks chief security and technology officer, says, “The good guys deserve an unfair advantage through smarter approaches and processes. From the network, you can see all communications immediately and everywhere.

“You can look behaviourally and with pattern matching, you can look back in time, interrupt command and control, and updates to bots and tools. No matter how dramatic the changes to network infrastructure have become, all roads lead back to the truths that only network traffic reveals.

The platform instruments flow and performs packet capture, allowing defenders to surface and then search to detect, investigate and prove threats within and across the network 10X faster than traditional forensics or SIEM solutions.

Matthew Moynahan, Arbor Networks president, says, “One of the greatest sources of enterprise risk today is not understanding that the attack environment has become personal.

“Sophisticated and persistent attackers design campaigns that evade traditional defences, and then exploit an incident response process that is noisy, event driven, and managed by overwhelmed and understaffed teams.

“As a result, CISOs are often unable to make proper risk-based decisions and guide their teams to focus and find the true threats that represent the highest source of risk to their organisations, while they are in process.

Jon Oltsik, Enterprise Strategy Group principal analyst, says, “Security analysts tend to behave like rogue detectives when conducting investigations, using a combination of commercial and open source solutions to deal with the sheer volume of incidents.

"Arbor is trying to bring some order to the chaos through a combination of internal and external traffic visibility, custom and third party threat intelligence, intuitive workflows and powerful data visualisations that empower the analyst to move quickly through the data."