A platform that can detect a company’s internal threats? Many organizations and companies could have avoided major scandals if they acted in time: there’s the case of Snowden and the stolen NSA files, Bradley Manning and the US diplomatic cables, and Hervé Falciani and top-secret information from the HSBC private bank. These are all clear examples that, with cybersecurity, you can’t just cross your fingers and think “this won’t happen to me”. Any business could be threatened by an insider.
That’s why Panda Security has introduced the latest version of its Advanced Reporting Tool. This efficient and easy-to-use tool satisfies business needs; it is capable of maximizing Big Data performance to control the corporate resources.
Threats in the Workplace
PandaLabs detects 200,000 samples of new malware daily. It is imperative for businesses to control all security issues, especially those that stem from the misuse and abuse of corporate resources, leading to attacks, threats, vulnerabilities, or data leaks.
While Adaptive Defense collects all information on processes running on the endpoint, the Advanced Reporting Tool automatically stores and correlates this information. The platform automatically generates security intelligence that allow users to identify strange behaviors or problems.
The Advanced Reporting Tool enables the IT administrator to:
- Focus on relevant information, increasing efficiency in the IT department by finding security risks or misappropriation in the corporate infrastructure.
- Pinpoint problems by extracting behavior patterns from resources and users, identifying its impact on the business.
- Alert in real-time about all events that could be a potential data breach.
- Generate configurable reports showing the status of key security indicators and how they are evolving.
What does the latest version offer?
In addition to the existing Big Data Cloud Service and its real-time alerts, the latest version includes predefined and adaptable analysis with three different action areas:
- Information about IT security incidents: generates security intelligence then processes and associates those events as intrusion attempts.
- Controls network applications and resources: detects user patterns of IT resources.
- Controls access to business data:Shows information about the traffic generated on the network, what countries the company is connecting to and from, and information about users accessing data files via any applications that are not the usual ones.
Feedback from SIEM system
For organizations already using a SIEM, the Advanced Reporting Tool compliments it providing a SIEMFeeder which feeds your SIEM relevant data and associates it with the information you already have. The SIEMFeeder gathers information from all endpoints that are protected by Adaptive Defense.
The feedback provided by the SIEMFeeder enables you to detect insiders before they become the biggest threat to your business. The SIEMFeeder creates behavioral logics and locates all anomalies existing in your technological system.
Do I buy this product separately? Or is it already included in a product I may have?
This is a corporate product for big companies. What product do you already have?
Thanks for your comment!
Hola que tal, ¿puedo vincular Advance Reporting Tools con mi tecnología de SPLUNK?
Me urge saber, ya que estoy por adquirirla y de eso depende la decisión, por favor.
La integración de los eventos recogidos de los puestos de trabajo y servidores y enriquecida en la Plataforma de Adaptive Defense con un SIEM externo, como puede ser un ArcSight (on-premise) o Splunk (in the cloud) se hace a través del módulo SIEMFeeder. Este módulo genera los eventos en real-time en formato CEF o LEEF que son estándar y pueden ser “ingestados” por Splunk (ver información de splunk https://splunkbase.splunk.com/app/487/#/details).
Contacte con su comercial para tener más información al respecto.
Salve, come posso avere la versione prova del prodotto?
grazie in anticipo
Contatta il team italiano al seguente indirizzo e-mail: email@example.com