Enhancing Cyber Incident Resolution with Automated Threat Verification


It SIEM’s Huntsman Security has developed game-changing technology that makes a real difference in cyber security incident management and resolution.

Huntsman Security, owned by Sydney-based cyber security company Tier-3, today announced the launch of its new vendor-agnostic, machine learning-based Automated Threat Verification (ATV) technology. CEO Peter Woollacott says this is one of the most exciting updates in the security technology space for years: “There has never been more security intelligence available to support cybersecurity specialists. The problem however is that there is a dependency on manual processing of this machine-generated information. Consequently, security specialists are struggling to isolate the real threats from the noise and valuable time is lost.” Woollacott went on to say, “In environments that generate billions of events per day, current solutions can’t scale for speedy detection or resolution. With ATV at its core the Huntsman Analyst Portal® dramatically reduces the critical delay between threat detection and resolution by focusing analyst resources on the threats that really matter.”

Huntsman Security prides itself on its extensive client base across the global defence and national security sector and is deployed in a variety of mission-critical security environments, national intelligence, border protection, banking and infrastructure. The Huntsman Defence Grade Security Platform offers solutions that proactively detect indicators of compromise (IOCs) and allow security analysts to quickly resolve issues.

The company claims its new ATV technology has been shown to provide unprecedented levels of accuracy where the Huntsman Analyst Portal® automatically verifies in seconds whether reported threats are real, whether they pose an unacceptable risk to the organisation, and what options are available for their mitigation. By eliminating false alarms and verifying the threats, Huntsman ATV immediately sends a high alarm with a rich package of information to security analysts for their immediate attention.

“This is the cybersecurity industry’s first machine-based threat verification technology, and it’s much needed. Detection technologies and services are becoming more and more effective at generating alerts for wide ranging potential threats, but this has resulted in increasing analyst overhead and delays from threat detection to incident response – there needed to be a way to automate analyst workflows so they can focus on what truly threatens the organization,” commented Richard Byfield, Founder & Managing Director at Datacom TSS.

This is an exciting development for the Australian cyber security vendor landscape and it’s heartening to see world class innovation coming from a local company. If the proof of the pudding is that Huntsman ATV really can reduce the time-at-risk to mere seconds, this will be a truly disruptive force within the Incident Management landscape.

What was the idea behind developing the ATV capability?

Jason Legge, Head of Security Consulting

It’s crystal clear to us that automation is fundamental to managing the large volume of machine-generated alerts that incident response teams need to work through; manual processing of machine-generated output is not sustainable. The current industry average time from infection to detection is 205 days and then a further 69 days from detection to resolution. This is an unacceptable level of exposure to business risk for any organisation.

There are many solutions in the marketplace that work to support businesses in their quest for cyber resilience. However, there is often a limited budget and sunken costs in existing technologies. Our vendor-agnostic solution has the benefit of working with organisations’ existing technologies, which also means that a best-of-breed philosophy can be engaged when managing your business’s unique cyber risk profile. The Huntsman Analyst Portal®, with its automated threat verification capability, is easily integrated and will slash an organisation’s time at risk.
