Uila announces Application-centric Cyber Threat Detection for Malicious Network Lateral Movement

July 16, 2019 By David

Uila Inc., the Hybrid Enterprise Performance & Cyber Threat Analytics company, today announced that it has extended its Application-centric Analytics platform to combat advanced cyber threats by applying East-west traffic visibility to detect lateral movement based threats to enterprise applications. With this new release and the most powerful Application Dependency Mapping solution in the industry, NetOps and SecOps teams are now empowered with a new way of detecting and managing cyber alerts and anomalous deviations in dependencies for applications that are business critical to the enterprise organization. 

“Most enterprise organizations have learnt the hard way that preventive security methods alone may not be sufficient to block all attacks or threats, and that their SecOps teams should strive for the intrusions from becoming data or financial or reputation losses”, says Chia-Chee Kuan, CEO and Founder for Uila. “With this new Application-centric cyber threat monitoring capability, security operations teams are for the first time able to bring critical application perspective to cyber threat monitoring and focus on threats for enterprise applications that really matter. Advanced cyber threats these days easily penetrate the deployed perimeter-firewall and work around the host-based security solutions to move laterally through the Data Center or Cloud deployment in stealth mode. Identifying those threats, but more importantly getting insights into the anomalous behavior of the applications by these laterally moving threats, is what sets the Uila security monitoring solution apart from the rest of the monitoring crowd.”

With this new update, Uila has combined its unique Application-centric approach with its well-known Network-centric approach for troubleshooting application performance and threat challenges. In an announcement earlier this year, Uila extended its Network Traffic Analysis capabilities of monitoring Hybrid virtual traffic, with the addition of mapping those application outage or performance issues to congestion, discards or errors on physical networking equipment. In this release, Uila offers a host of features to detect, investigate and respond to cyber threats in the Hybrid Enterprise:

  • Agentless Monitoring and Dependency Mapping: Uila employs an Agentless and Scalable Deployment model with built-in classification for over 3200 applications.
  • Real-time cyber threat alerts: Get alerted to thousands of cyber threats based on support from the largest group dedicated to advances in the network security industry. These alert categories include malware, exploit kits, port scans, Command and Control threats, OS fingerprinting, Buffer overflows, SMB probes, Obfuscation, etc.;
  • Expert Guidance: Get expert guidance on those threats, their symptoms, the impact and corrective actions to solve and avoid future reoccurrences;
  • Lateral east-west traffic patterns: This includes real-time traffic analysis of virtual traffic including SMB/SMB2 protocols that may be used to transfer files/malware, password dumpers, etc.;
  • Real-time unauthorized access and traffic analysis: Identify unauthorized VMs/servers/connections as well as changes in traffic patterns for existing deployments;
  • Visualize application deviation: This includes identification of unauthorized VMs or connections or external internet connections from the baseline security policy;
  • VMware NSX-T™ Data Center support: Monitor and troubleshoot VMware NSX-T™ Data Center deployments;
  • Outbound Traffic Visibility: Map Outbound Traffic from the Data Center to the Internet on a world map to identify and reduce risk associated with general Internet connectivity;
  • Capture Threat Chain of Evidence: Capture Chain of Evidence for quick and effective response to any threat with comprehensive application transaction data, infrastructure status and network traffic data before, during and after an attack in real-time or retrospectively, in addition to raw packet capture based on Uila’s Deep Packet Inspection capabilities.

“This unique approach from Uila for real-time investigations into threats is a game-changer to expose otherwise evasive but malicious threats like insider threats, credential misuse, malware, lateral movement, DDoS, and much more”, says Foothill Community Health Center IT Director, ShuChung Chang. “The visualization of threat incidents and its comprehensive context of the direct impact on the application, infrastructure and network helps security teams focus on threats that matter.” The new security monitoring capability can be purchased as an add-on module to the base Uila license. This new capability is available as part of Uila’s solution today. IT teams can put Uila’s new threat monitoring solution to the test by signing up for a complimentary trial from https://www.uila.com/uila-free-trial.