페이지 선택

The next generation of security needs to “identify attacks as they are happening”. This is where behavior analysis can step in and be used as a real-time security defense tool. Today, SIEM’s are effective at identifying attack patterns but they are not sophisticated enough to convert their threat correlation analytics into actionable events, such as creating dynamic policies to quarantine a suspicious internal host, or creating a firewall policy to block access to a destination IP and a specific application.

Today, sandboxes, detonators, or emulation engines do provide zero-day detection of malware files, but even with these solutions, the first infection is typically allowed to happen.

To address today’s sophisticated threat landscape, a single platform that can provide full cycle threat detection and remediation is necessary:

  • Threat detection -Behavior analysis (BA) using big data analytics for security event detection is complimentary to sandbox systems and can be used to identify attacks as they are happening.
  • Incident Response and Forensics -Behavior analytics can provide a complete audit trail of the attack from beginning to end.
  • Remediation -The advantage of integrating BA into a firewall is that the alerts can be easily converted to actionable events, with the firewall platform able to dynamically create security policies to block the event as its happening.

Hillstone Adds Botnet C&C Prevention to StoneOS

Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution

Vulnerability Notification: Cisco Adaptive Security Appliance Webvpn XML Parser Double Free

Announcing Enhancements to Hillstone Networks CloudView

Announcing the Hillstone Server Breach Detection System 2.1

Vulnerability Notification: Adobe ColdFusion Deserialization

Vulnerability Notification: Oracle WebLogic Server XmlAdapter Deserialization

Statement on Vulnerability: Hillstone Networks does not use Intel Processors in its NGFW

Hillstone Responds to Bad Rabbit Ransomware