Ixia enhances application and threat intelligence processor

Ixia has enhanced its Application and Threat Intelligence Processor (ATIP), which enables customers to rapidly extract security metadata, including Indicators of Compromise (IOC), and fast-track that information to reporting tools to speed Mean Time to Identify (MTTI) and Mean Time to Respond (MTTR) to security threats and malicious behavior.

New enhancements to ATIP now enable security and network professionals to rapidly extract metadata from their network connections, including IOC, spanning URLs, Uniform Resource Identifiers, Session Initiation and Cisco Discovery Protocols, Domain Name System Text, and User Agent. This deeper, context-aware metadata enables existing reporting tools to deliver analysis results quickly and effectively, resulting in significant improvements in MTTI and MTTR to threats and suspicious activity.
 
In March 2016, the Ponemon Institute reported that it takes, on average, 170 days to detect an advanced attack, 39 days to contain it and 43 days to remediate it. In addition, as the amount of traffic on a network surges, it becomes increasingly important to rapidly analyze large volumes of data, or metadata, both unencrypted and encrypted. This analysis enables identification of signs of malware infection, known as Indicators of Compromise (data that identifies potentially malicious activity on a network).
 
“Reducing the time to identify and respond to cyberattacks is critical to today’s business,” said Jim Duffy, senior analyst, 451 Research. “Ixia’s ability to quickly analyze context-aware metadata in a network can be a valuable tool in gaining visibility into anomalies and ultimately resolving security breaches.”
 
“Ixia is committed to leveraging and extending our decade-plus experience in advanced malware research to solve the key challenges facing network operators today,” said Scott Register, vice president of product management at Ixia. “We make significant investments in research that helps our customers to quickly identify inevitable security breaches with minimal investment of time and money.”
 
Ixia’s ATIP is a key component of the company’s Security Fabric, a context-aware, self-healing, data distribution engine that powers Ixia’s network packet brokers (NPBs).  Using ATIP, Ixia’s Security Fabric provides rich context such as geolocation, browser, and device on each packet for optimal distribution to security tools.  ATIP works in conjunction with advanced reporting solutions from leading vendors including Plixer, LiveAction, Splunk, and Dynatrace, to provide key insights that accelerate detection of data breaches without the added cost of a specialized forensic monitor. 
 
For example, Scrutinizer™ from Plixer International provides a behavior analysis system for cyber threat detection and forensic analysis that leverages flow data to uncover unwanted activity. Ixia’s ATIP generates and forwards an expanded NetFlow data feed, called IxFlow, to Scrutinizer. This expanded data feed complements Scrutinizer, allowing it to analyze information from all points in the data center, enabling administrators to identify users, device types, operating systems, and applications that generate excessive traffic or security threats. Malware can be quickly isolated and unwanted behaviors can be eliminated.
 
“Ixia’s IxFlow exports provide much richer data and deeper context than is available through NetFlow alone.  With the latest enhancements to ATIP, Ixia has added indicators of compromise,” stated Mike Patterson, CEO of Plixer.  “Joint Plixer and Ixia customers can leverage this new information to identify compromised devices, provide user accountability and speed time to resolution, which are critical capabilities when security events have taken place.”