Awake Security Uncovers Malicious Intent Across On-Premise, Internet of Things and Cloud Infrastructure

November 20, 2018, by David

Awake Security today unveiled the Fall release of its Awake Security Platform, an advanced network traffic analysis (NTA) solution designed to help organizations combat sophisticated cyber threats and improve overall visibility.

Awake’s exhaustive intelligence is built on 360-degree visibility and a deep understanding of the business entities in the organization, whether those are traditional IT assets, Internet of Things (IoT) devices, or cloud workloads. Through analysis of every communication between these entities, Awake’s enhanced network detection and response platform better detects malicious intent and attacks that blend in with business-justified activity. This empowers security teams to stop insider attacks, credential abuse, lateral movement, data exfiltration, and more.

"We see a shift in the way security teams go about uncovering threats as their organizations embrace the cloud, IoT, and/or hybrid IT. Only looking for ‘known-bad’ is no longer sufficient as it leaves security teams oblivious to advanced, non-malware oriented threats especially once the perimeter has been compromised. Modern security operations centers must focus on using analytics and artificial intelligence on real-time network data to rapidly uncover such threat activity," said Eric Ogren at 451 Research. "Awake’s entity-centric NTA approach promises to help eliminate noise and provides security teams with the visibility, detection, and response features required to secure modern enterprise environments."

The latest release of the Awake Security Platform strengthens organizations’ ability to detect malicious intent so they can find and stop attackers that exploit otherwise benign tools and infrastructure. Using artificial intelligence, Awake brings the skills and knowledge of the world’s foremost investigators to every customer, allowing for the detection of ever-changing attacker tactics, techniques, and procedures (TTPs).

"The very definition of the network is changing with the increased prevalence of cloud, IoT, and shadow IT practices," said Rahul Kashyap, CEO at Awake. "These most recent innovations enable detection of threats targeting this new network, whether on-premise or in the cloud, whether from managed or unmanaged infrastructure, and whether IT or operational technology. Ultimately this is enabling our customers to secure the connected workplace more effectively and autonomously."

With this release, Awake is cementing its place as the only advanced network traffic analysis solution that marries advanced threat detection with forensics to deliver a comprehensive platform for all users in the security team and beyond.

Key highlights of this release include:

  • For the Level 1 analyst:
    • Comprehensive detection: Automated detection of new and emerging attacker TTPs. These detection "skills", built into the technology by the Awake threat research team, operate by correlating across entities, time, protocols, and other relevant parameters. These skills can also be built and customized by Awake customers and partners.
    • Easy user experience: Rich visualization and threat mapping that allows teams to spot campaigns early in the attacker lifecycle and shrink response time.
  • For Level 2 and 3 analysts:
    • Automated triage: Forensic analysis that gives every entity in the environment a credit-score-like risk rating and presents the evidence within a comprehensive forensic threat timeline.
    • Rapid response: Enhanced investigation and response capabilities that automatically deliver context and capture an organization’s procedural knowledge and process into the platform’s machine learning models.
  • For the Security Operations, Network Operations, and Compliance teams:
    • 360-degree visibility: Support for 360-degree visibility, including IoT infrastructure and workloads and applications in Amazon Web Services, Microsoft Azure, and the Google Cloud Platform.
    • Integrations: Organizations’ existing solutions are amplified through Awake’s integrations into industry-leading SIEM, endpoint detection, and security orchestration tools.

"While the SOC has quickly seen the merits of NTA, existing solutions have struggled to address challenges with training machine learning algorithms, weak internal attribution, and high false positives," said Gary Golomb, co-founder at Awake. "Our updated platform uses full-packet analysis, encrypted traffic analysis, entity tracking that goes beyond IP addresses, and smarter approaches to machine learning that now automate the type of deep forensic insight that could previously be achieved by only the most advanced threat hunters."

For more information about the Awake Security Platform, please visit https://awakesecurity.com/product/.