Australian cyber tech firm Nuix said its Insight Adaptive Security is the first product to tightly integrate cybersecurity threat prevention, detection, response, remediation, and deception in one solution.
It said unlike traditional endpoint security products, Nuix designed its adaptive security platform from the ground up to provide an end-to-end approach for protection. Most endpoint security products focus only on a few links of the security kill chain, forcing organizations to invest in multiple point solutions in order to implement a complete security workflow. This inevitably leads to greater risks, costs, and productivity losses.
“Previous attempts at applying an adaptive model to security software have failed because they’ve ineffectively cobbled together several overlapping tools that were never intended to work with each other, creating a sort of ‘security Frankenstein’,” said Eddie Sheehy, CEO of Nuix Read the earlier CBR interview with Eddie Sheehy. “Nuix Insight Adaptive Security is a tightly integrated endpoint defense solution that closes the feedback loop between sensing, filtering, detecting, and disrupting security events earlier in the kill chain.”
Nuix Insight Adaptive Security combines six security technologies into one lightweight, intelligent endpoint agent, featuring:
Digital Behavior Recorder™: Continuously monitors and records endpoint activity straight from the kernel, including users, processes, Windows Registry changes, user sessions, DNS queries, file system information, Netflow communications, removable media, and print jobs
Real-time detection: A multilayered threat detection stack that automatically identifies malicious activity
Intelligent protection: Includes whitelisting, blacklisting, application control, and behavioral blocking
Response and investigation: Automated and manual options including incident triage and investigation capabilities allowing security analysts to search, filter, and organize single or multiple data sets collected by the Digital Behavior Recorder
Remediation: Allows analysts to terminate malicious processes based on their process identifier (PID) and to delete files and Windows Registry keys
Deception: Fake listening services that help analysts identify attackers during the reconnaissance phase of their attacks.
To understand the continuously changing threat landscape and the challenges it presents to organizations’ security posture, Nuix employs a team of security consultants including pentesters, incident response experts, social engineers, and digital forensic professionals. Through field activities and client engagements, these consultants stay up to date with evolving security threats and attack techniques. Nuix then incorporates the intelligence they gather into the platform’s logic engine so it can take automatic actions that help protect customers from advanced attacks.
“I always get excited when I run across a product designed, built, and refined by experienced security practitioners”, said Adrian Sanabria, Senior Security Analyst at 451 Research. “The endpoint has long been a blind spot for enterprises, partially because they just generate too much data.
“Without a vendor that understands how to manage that data properly—how to filter and prioritize it—there’s a high likelihood that continuous endpoint recording products will create more problems than they address. It is crucial these products avoid adding to the existing toxic problems of information overload and alert fatigue that security practitioners are struggling with.”
Nuix Insight Adaptive Security is now available to enterprise customers who join Nuix’s Early Adopters Program. It is the first release from the Nuix Insight range of security and intelligence products. Later in 2016, Nuix will release Nuix Insight Analytics & Intelligence, a four-dimensional security intelligence platform for breach investigations, deep-dive forensics, and analysis.