California-based Infoblox has launched a new platform that contains a DNS detection and response solution.
The firm told QA FInancial its new SOC Insights tool can reduce response times as the feature is able to turn security events, network, ecosystem, and DNS intelligence data into a set of immediate, actionable insights at AI speed.
Aimed at banks, insurance firms and the wider financial services industry, the new tool is an addition to its BloxOne Threat Defence platform, said Silicon Valley-based Craig Sanderson, the firm’s vice president, security and product management.
“Going beyond simple malware risk-based dashboards, this platform enables banks’ cybersecurity teams to reduce mean-time-to-respond [MTTR], by eliminating wasted time by consolidating individual alerts into insights,” Sanderson explained.
He pointed out that each insight provides access to device, event, and attacker infrastructure details.
“This eliminates the need for SecOps teams to spend time tracking each individual alert or waiting on NetOps for user and device information for context around threat activity,” Sanderson continued.
He went on to call his new platform “a game-changer for SecOps, allowing them to focus on what really matters, especially when they’re up against limited budget and resources.”
He added that “we envision a future where AI-driven analytics and DNS-driven intelligence dramatically elevate SecOps efficiency.”
Critical challenges
Zooming in on the new platform, Sanderson said the software is designed in a way it should be able to help in eliminating critical SecOps team challenges, such as increasingly complex cyber-attacks.
“Apply unique DNS threat intelligence to identify threats other tools will miss and proactively disrupt adversaries’ infrastructure to stop threats before they occur,” he said.
Also, alert fatigue. “Quickly identify which events matter the most by narrowing down hundreds of thousands of alerts to a more manageable set of insights with actionable guidance to accelerate the investigation and remediation process.”
Finally, the tool addresses lenghty incident response times.
“Eliminate wasted time collecting, filtering, and interpreting vast amounts of event, network, and unique DNS intelligence data to enable SecOps to quickly or automatically initiate response activities,” Sanderson concluded.
ALSO READ
