
The appliance helps security teams evaluate all session metadata, regardless of whether or not it was previously identified as malicious. This provides analysts with deep, continuous and historical visibility on all traffic at key monitoring points, allowing them to quickly and more accurately identify anomalous patterns to detect new attacks designed to evade traditional security tools.
In addition, analysts can use common attack indicators to understand the full scope of an incident, helping to better protect their organizations against advanced persistent threats.
Working in conjunction with Fidelis XPS sensors and Fidelis XPS CommandPost, the Fidelis XPS Collector provides a simple architecture that is not storage-intensive. The tools' combined capabilities give security teams the ability to detect malicious sessions designed to evade security tools that rely on previous knowledge of the threat or its behavior for identification.
This added insight allows analysts to assess whether past incidents might be part of the same campaign, even if those incidents had not originally been flagged due to the lack of a corresponding rule. Armed with this information, they can create tuned rules to prevent future attacks that are part of the ongoing campaign.
Fidelis XPS Collector features further enhance the use cases of the Fidelis XPS network security product family:
Advanced threat defense – allows for enhanced defense by providing the ability to quickly correlate sessions that may have triggered a policy-driven rule and by quickly identifying other systems that may have been breached as part of the same attack.
Intelligent network forensics – improves forensic capabilities through access to session metadata and its powerful query capabilities.
Data breach prevention – enhances the ability to look for files that may have been exfiltrated.
Cloud services security – stores information about all applications, which allows for the detection of unauthorized use of cloud-based services.






