Head of Information Security at an insurance company with 1,001-5,000 employees
Real User
2020-06-04T08:42:34Z
Efficiency has definitely improved; tool sets that I’m familiar with are becoming more accurate with alerts and identifying the unusual. This was never the case a few years ago, where signature and full packet inspection was the only real method of reactive detection.
AI has definitely pushed user behaviour to a new level which was nearly impossible to accurately baseline previously. Of course, with any developed technology, lots of modelling and testing has to be completed, but let’s not forget AI has been talked about for a long while, but until recently it’s not really been that useful.
As for drawbacks, I haven't noticed many. Any false positive is, I suppose, a drawback, but generally I only see this as a logical step in an ever-changing environment.
Having said all that, no one ever relies on a single technology, and the key is to test, test and yes, more tests. I for one always have a red team type exercise, the scale dependent on the company; this gives a great indication of your defences and how we can improve. This is then supported with tabletops with technical teams to ensure repeatable actions are followed. Users will always be the key, and having a well-educated and robust user awareness programme is also paramount.
Modern Security Operations teams have access to vast amounts of data, but this has not translated into greater effectiveness. The goal of NTA is to not only eliminate blind spots with unprecedented visibility, but to also cut through the noise of alerts with high-fidelity behavioral analytics.
In addition, it should dramatically reduce the time required to take action, from days to seconds, through automated investigations. To achieve these goals, NTA takes advantage of new machine learning and network traffic analytics technology. At its core, NTA should be powered by an open, programmable, and extensible real-time streaming analytics platform and cloud-based behavioral analytics for full layer-7 visibility.
NTA shave Analytics and Investigation platform for the enterprise.
NTA applies real-time analytics and machine learning to every network transaction to cut through the noise and deliver concrete answers.
Much like SIEM turned logs into operational insights, NTA turns network data into real-time situational intelligence.
NTA technology is often used by Security and IT Ops teams to support key initiatives like Security, App Service Delivery, and IT Modernization.
Network Traffic Analysis (NTA) is used to monitor, analyze, and optimize the flow of network traffic in order to identify performance issues and security threats and to ensure efficient data handling.
NTA tools enable organizations to visualize network activity in real-time and support historical data analysis. Users can detect anomalies, uncover hidden threats, and optimize their IT infrastructure. Advanced NTA solutions offer machine learning capabilities to automate threat detection and response,...