RedSeal Networks, a provider of security risk management for cyber attack prevention, is offering the latest version of its platform to protect companies and government agencies from attacks across the network. RedSeal 6.5 extends its continuous monitoring and security risk management capabilities to include over 60 new features such as support for bring your own device (BYOD) initiatives, deeper risk metrics and SIEM integration.
Network security "dark space" is defined as any network infrastructure that doesn’t appear in the “database of record” or “golden store” of configuration data, including firewalls, routers, proxies, load balancers, as well as endpoints and hosts. In a highly complex network with tens of thousands of nodes, this represents a massive challenge for organizations.
RedSeal estimates that most organizations are only monitoring as little as 82% of their network, leaving up to 18% as network dark space—left exposed simply because it’s not on their radar. “In an ideal world, CISOs, CIOs, IT security directors and administrators can take a look at their network and close any gaps that expose vulnerabilities, but the reality is, most organizations have ‘known unknowns’ – assets that are out of sight, not properly monitored or tracked, but important due to their downstream impact on other assets that are visible,” said Parveen Jain, president and CEO of RedSeal Networks.
The new platform features support for wireless network controllers, extending visibility to constantly changing and elusive Wi-Fi endpoints. With the rise of BYOD initiatives it can be critical to monitor additional endpoints and ensure that access to critical network assets is monitored.
In addition to wireless network support, RedSeal 6.5 adds deeper risk analysis and metrics for proactive mitigation of threats and reactive damage assessment analysis in the event of an attack. Analytics for proactive threat mitigation include Common Configuration Enumeration (CCE) scores to identify host configuration risk and in addition to vulnerability scores to identify the highest risk systems. Damage assessment analysis defines the scope of a compromise and helps rationalize the extent of potential impact for IT response teams.
The platform also includes integration into three security information and event management (SIEM) solutions. The integration bridges the divide between proactive and reactive security systems with an additional level of network context and event filtering for faster response to critical incidents and a reduction in event overload. RedSeal Networks currently supports HP ArcSight, McAfee Enterprise Security Manager, and IBM Q1.