Respond Software’s Web Filtering Investigation and Discovery Offers Unprecedented Adversary Detection
The Respond Analyst Adds New Features to Ensure a More Secure Network While Conserving Organizational Resources
MOUNTAIN VIEW, Calif. – Oct. 29, 2019 – Respond Software, innovators in Robotic Decision Automation (RDA) for security operations, today announced the addition of web filtering investigation and discovery capabilities to its Respond Analyst solution. The Respond Analyst examines data that organizations already collect but don’t have the staff, tools or expertise to analyze correctly. Using the Respond Analyst is equivalent to hiring an expert team of Tier 1 analysts.
According to the Ponemon Institute’s 2018 State of the Endpoint Report, 57% of malware is undetected by antivirus solutions, while zero-day and fileless attacks are more likely to compromise an organization than existing or known attacks. Web filtering systems, such as Zscaler and Symantec Bluecoat, generate data about these breaches, yet because of the high volume of this data, it is not monitored for security threats.
Using the Respond Analyst to investigate and discover web filtering data, organizations can:
- Find attacks in realtime, including those that may never have been found, to reduce Mean Time to Detection (MTTD) and overall attack dwell time
- Consolidate common infections into a single incident
- Use less human power, freeing them to use financial and staff resources for other important tasks such as incident remediation and threat hunting
The Respond Analyst is the first solution that delivers realtime monitoring and triage of web filter data. It catches malware potentially undetected by other controls, such as signatures that are unknown or intrusion detection or prevention systems that cannot look at encrypted data, using actual behavior to identify compromised systems. The Respond Analyst combs through massive amounts of data from web filters including Palo Alto Networks, Symantec, McAfee, Cisco, Forcepoint, Carbon Black and ZScaler, using advanced mathematics to find infected systems that are linked to command and control behavior. Using web filter data in conjunction with Integrated Reasoning, the Respond Analyst enhances accuracy by corroborating malicious activity across multiple telemetries, reducing uncertainty.
Mike Armistead, CEO, Respond Software, said: “The Respond Analyst is the first solution to leverage the massive amount of data generated from web filters to reduce MTTD and attack dwell time at realtime instead of just during forensics. For instance, the Respond Analyst can detect beaconing activity, even if it occurs on an irregular basis over a long period of time, achieving something a human analyst may never be able to detect.”
Ed Amoroso, founder and CEO, TAG Cyber, said: “Malware, zero-day exploits and other threats have become common in most enterprise settings. Until now, organizations have had no easy way to look at the mountain of data generated from their security infrastructure. Respond Analyst’s new web filtering capability offers innovative ways for organizations to detect adversaries in their networks, ways that previously weren’t available or even possible using human support.”
Aaron Baillio, deputy chief information security officer, Oklahoma University, said: “At Oklahoma University, identifying attacks from the web consumes a significant amount of time and resources. Participating in Respond Software’s early access program allowed us to use the Respond Analyst to automate the identification of previously undetectable malware. Respond’s new web filtering model analyzes outgoing URL traffic and identifies malicious activity in realtime.”
(1) Ponemon Institute’s 2018 State of Endpoint Security Risk report
About Respond Software
Respond Software delivers near-instant return on investment to organizations in their battle against cyber-crime. As a leader in the emerging class of automated software known as Robotic Decision Automation (RDA), Respond Software is working to address the critical shortage of skilled security analysts impacting security teams of all sizes. Its patented intelligent decision engine, PGO®, uniquely combines human expert judgement with the scale and consistency of software to dramatically increase capacity and improve monitoring and triage capabilities at a fraction of the cost of in-house or outsourced personnel. Respond Software was founded in 2016 by security and software industry veterans and services customers across critical infrastructure sectors such as banking, energy, and retail. https://respond-software.com/
- Casting a Wider Net - Enhanced Web Filtering Support in the Respond Analyst (blog)
- Mining Web Traffic Data to Find Threats (blog)
- Mining Web Traffic Data to Find Threats (video)
- The Respond Analyst Finds Malicious Incident in Web Filtering Data (video)
- Kyriba Case Study - Lean nimble security team scales to enterprise grade
- Finding Incidents Using Web Filtering Data (webcast)
- Oklahoma Case Study