Proofpoint SOARs Above the Rest With Award-Winning Security Orchestration, Automation, and Response
Proofpoint’s Threat Response has been named the Cybersecurity Excellence Awards Gold Winner for 2019 in the Incident Response category. While it is well known in the security space that there is no silver bullet solution for every attack, Proofpoint’s solution aims to reduce the manual labor and guesswork required in times of chaos, helping organizations to resolve incidents more efficiently.
Threat Response is a security orchestration, automation, and response solution designed to manage several crucial steps of the incident management process. The solution is able to ingest security alerts from multiple security tools and endpoint forensics as well as additional context and intelligence from both internal and external sources.
By aggregating and analyzing all of this data, the solution makes it actionable, automating workflows and response procedures, including lists and objects for enforcement. It can integrate with existing security infrastructure to block verified threats and quarantine infected systems and user accounts to minimize the propagation of the incident.
While the solution offers significant benefits, there are some potential drawbacks and possible risks to be aware of:
- Garbage in, garbage out. The solution can be limited by the quality of data that it is given. If your security controls or threat intelligence are not providing accurate data, false positives may lead to extra work, or true positives may be missed, leaving incidents undetected until it’s too late.
- Better safe than sorry? Quarantining and containing infected systems may result in over-protection at times, which may prevent users outside the scope of the incident from performing their job duties.
- Too much of a good thing? The automated eradication may resolve the issue too quickly, before it has been fully investigated. As a result, the learning process associated with incident response may be lost. The symptoms of the attack are addressed, but the vulnerabilities that caused it have not necessarily been tackled.