Key Component of the Cisco Cyber Threat Defense Solution
Lancope’s StealthWatch System makes up a key component of the Cisco Cyber Threat Defense Solution, designed to combat today’s most stealthy, sophisticated cyber-attacks. Combining the advanced security capabilities of Lancope and Cisco, the solution provides unprecedented visibility into the network interior.
Complex, elusive threats can linger within a network for months or even years, stealing data and disrupting operations. The main goal of the Cisco Cyber Threat Defense Solution is to enable organizations to more quickly uncover network anomalies and suspicious behaviors that could lead to damaging attacks.
As part of its inclusion in the solution, StealthWatch includes specially tailored reporting dashboards for tracking:
- Network reconnaissance – probing of the network to uncover attack vectors that can be leveraged for customized attacks
- Internal malware propagation – the spread of malware across hosts on the internal network to gather security reconnaissance information, steal data or create backdoors for infiltrating a network
- Command-and-control traffic – botnet communications between attackers and compromised hosts within the network
- Data exfiltration – the export of sensitive information back to an attacker, generally via command-and-control communications
- Internal host reputation – uncovering users that conduct suspicious behavior inside the network
These intelligence dashboards provide a faster, more direct means of tracking the most nefarious types of attack attempts before they wreak havoc on network assets. Additionally, through Lancope's Operational Network & Security Intelligence (ONSI) dashboard, StealthWatch security alarms are closely aligned to these various steps of the cyber attacker’s “kill chain." This provides greater security context for faster threat detection, more precise incident response and improved troubleshooting of these stealthy, malicious behaviors.
More information on the Cisco Cyber Threat Defense Solution can be found here.
- MonitorObtain comprehensive, scalable enterprise visibility and security context.Gain real-time situational awareness of all users, devices and traffic on the network.Monitor lateral movement using the network as a sensor.
- DetectLeverage network behavior anomaly detection and analytics.Easily detect behaviors linked to APTs, insider threats, DDoS and malware.Benefit from StealthWatch Labs’ advanced security algorithms.
- AnalyzeCollect and analyze holistic network audit trails.Achieve faster root cause analysis.Conduct thorough forensic investigations.
- RespondAccelerate network troubleshooting and threat mitigation.Quickly and effectively respond to threats before, during and after a security incident.Continuously improve enterprise security posture.