Analyzing the ‘breadcrumbs’ that are hiding in your Palo Alto Networks IDS logs
Detecting an intruder at the point of entry can have the greatest impact on reducing system compromise. That is why Network Intrusion Detection and Prevention Systems (NIDS/NIPS), such as Palo Alto Networks, are essential tools for any security organization, whether they are protecting the data of a large financial services company or the sensitive research and valuable intellectual property of a university.
The downside is that these systems generate such a high volume of data that even large, mature security teams do not have the capacity to analyze all the data collected.
A common strategy for dealing with this volume of data is to apply rules to filter it, such as ‘only show me alerts that appear to be high priority’. The result is that a great deal of relevant security data is disregarded, limiting visibility into relevant clues and context that would save time in identifying and responding to actual threats.
Imagine being able to increase the visibility and depth of analysis by leveraging all security threat events from your Palo Alto Networks devices.
As a recognized Palo Alto Networks Technology Partner, Respond Software seamlessly integrates into existing PAN NIDS/NIPS implementations and immediately begins providing value by taking over the monitoring, analysis and decision-making required to turn NIDS/NIPS data into vetted, actionable security incidents that are ready for human analyst response. Out of the box, Respond Analyst’s accuracy rate is between 83% and 92%. After a month on the job, accuracy rates push higher, with many customers reporting nearly 100% accuracy after 60-90 days.
Currently, Respond Analyst is skilled in Network Intrusion Analysis from nearly any sensor and Malware Event Analysis from the leading Malware Detection solutions. Respond Analyst will have new skills available later in 2018.