ArcSight this week detailed a new software product, TruThreat Discovery, that combines data mining technology with security to more effectively evaluate security threats.
TruThreat Discovery focuses on picking out patterns, such as a sequence of activities between a source and target, to help identify threats. Such potential threats include Day Zero attacks, low-and-slow attacks, and insider threats.
"The more information you can collect and analyze, the more accurate the threat identification can be," said Larry Lunetta, vice president of marketing at ArcSight.
Lunetta said that the software does more than just packet inspection. "It's the data mining of event flow. We deal at a much higher level than packets represent," he said.
TruThreat also spots known security trends by using the company's correlation engine, which is where all alerts and alarms are collected.
Scott Crawford, an analyst with Enterprise Management Associates, said that the new product fits into the burgeoning security information management (SIM) space.
Crawford referred to products in that area as "contextually-aware security."
"[TruThreat Discovery] has the ability to track various indicators on attacks that have more than one dimension," Crawford explained.
TruThreat Discovery will be available in June.
