The solution provides full traffic visibility in real time via insights from the deep packet inspection (DPI) engine. In combination with the advanced analytics provided by machine learning and anomaly detection technologies, this enables enterprises to detect both known threats that have a documented detection signature, as well as new attacks and abnormalities that have not been identified previously and are difficult to spot using classical cybersecurity tools. These complex and new attacks can be revealed by correlating heuristic data and behavioral analysis as well as by extracting content and metadata of network traffic. When linked to threat intelligence platforms or SIEM tools such as Splunk, the collected data is correlated and analyzed to detect and alert on abnormal network behavior in order to apply security policies. Additionally, the solution includes network traffic recording capabilities delivering fine-granular visibility of traffic history for accurate forensic analysis and threat qualification.
“The advanced threat detection solution provides an all rounded approach to threat analytics: from classical IDS-like alarms to identification of potential anomalies and threats based on correlated deep traffic information and statistics in time,” said Irina Palade, Product Manager at Rohde & Schwarz Cybersecurity. “This makes it possible to detect compromised hosts, spot lateral movement or network malfunction – whether it’s malware, insider action or advanced persistent threat.”
“The solution provides a key source of threat intelligence not only to protect against zero-day attacks and to reduce detection-to-containment times but also to aid in the follow-up investigation to make security improvements after a threat has been neutralized,” added Jarrod J.S. Siket, Chief Marketing Officer at Napatech.
The solution will be presented at this year’s Black Hat Europe at booth 205 and 206, at the EXCEL London, December 4-7.
About Napatech
Napatech helps companies to reimagine their business by bringing hyperscale computing benefits to IT organizations of every size. We enhance open and standard virtualized servers to boost innovation and release valuable computing resources that improve services and increase revenue. Our reconfigurable computing platform™ is based on a broad set of FPGA software for leading IT compute, network and security applications that are supported on a wide array of FPGA hardware designs. Additional information is available at: www.napatech.com
About Black Hat
For 20 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia. More information is available at: www.blackhat.com. Black Hat is organized by UBM Americas, a part of UBM plc (UBM.L), a marketing and communications services business. For more information, visit www.ubmamericas.com.