Story image

Corelight and Exabeam partner to improve network monitoring

14 Dec 2018

Network visibility solutions provider Corelight, and security information and event management (SIEM) provider Exabeam have announced a strategic partnership that will combine network security monitoring (NSM) with behaviour analytics and automated incident response capabilities.

The combined solution, which integrates Corelight Sensor data with the Exabeam Security Management Platform, helps joint customers in their efforts to detect, investigate and respond to increasingly advanced threats.

Many attacks move laterally through a network, leveraging users and machines in search of high-value data.

These attackers are often difficult for security teams to detect, as their movements blend in with legitimate user activity and network traffic.

The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.

The joint Exabeam and Corelight solution aims to augment, provide additional context to, and enable rapid analysis of network data.

Corelight Sensors provide real-time actionable insight into network traffic across multiple business sites by extracting hundreds of security-relevant pieces of data across multiple protocols and data types.

Since virtually all attacks must traverse networks, making network security monitoring a fundamental part of cybersecurity defence is an essential step for any organisation.

Based on open source network analysis framework Zeek (formerly known as Bro), Corelight Sensors serve as a unifying foundation for security teams that require visibility into the data on their networks.

Exabeam ingests network alerts from Corelight Sensors via syslog and combines them with existing log data, third-party tools, and contextual data from identity and authentication tools to establish a baseline of normal behaviour for all assets in an organisation — including communication patterns, ports and protocols used, and operating activity.

The Exabeam Security Management Platform identifies risky, anomalous device activity that may be indicative of a security incident or compromise.

By gathering all related events into Exabeam Smart Timelines, prebuilt timelines that automatically reconstruct the events underlying security incidents, the platform enables analysts to stop spending time combing through raw logs to investigate.

The joint solution enables security analysts to easily identify suspicious activity and remediate threats in real time.

Corelight chief product officer Brian Dye says, “Data is the lifeblood of the network, but deciphering the right data at the right time can be a complex and time-consuming task.”

“Corelight Sensors alleviate this complexity by capturing enterprise-grade data organised into actionable logs that are then enriched and contextualised by the Exabeam Smart Timelines.”

Chillisoft rounds out portfolio with file integrity vendor
Tripwire is the fourth vendor for Chillisoft in six months, adding critical security controls, vulnerability management and file integrity monitoring.
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Optic Security Group celebrates Axis accolade
Auckland-based business security systems provider Fortlock has picked up an award at Axis Communications’ annual Oceania Axis Partner Summit 2019.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.