CONTACT    SIGN IN    SIGN UP
    
SEARCH:
Radar Report
EMA Radar for Network-Based Security Analytics: Q3 2018
Date: 07/31/2018 Length: 55 pages Cost: $795.00

            Linked In    

Abstract:

The speed of detection and mitigation are the true issues today. How fast is as fast as possible? Over the last few years, research like the Verizon Data Breach Investigation Report demonstrated that "as fast as possible" has not been nearly fast enough. Compromises can happen in hours, but identifying an attack may not take place for months or years.

 

It is this issue that focused innovators on how to identify and respond to security incidents faster. The first challenge is being able to wade through the incessant and overwhelming noise of alerts, and reduce them to a workable volume of real problems that can be clearly defined and addressed quickly. 

 

Over the past several years, numerous startup companies were established to address the gap in analytics and visibility of real issues in the sea of alerts. Security analytics solutions were initially designed to perform one or more of three primary types of security-focused analytics: User and Entity Behavior Analytics (UEBA), Anomaly Detection, and Predictive Analytics. Since their inception much of these analytics have merged, leaving only a thin line between combined UEBA/Anomaly Detection and Predictive Analytics.

 

This report is the second of a two-part series. Part one, released earlier this year, delved into the platforms, solutions, and products supplying log-based security analytics for the express purpose of providing them with fewer actionable alerts without the side effects that can filter out alerts on actual threat activity. This second report focuses on vendors that use network information, such as net flows, deep packet inspection, and forensic packet analysis, to gather telemetry.

 

This report evaluates vendors across five major categories supported by over 130 KPIs. EMA evaluated and scored each vendor under the same documented criteria. Each participating vendor has a profile that outlines their solution, its strengths and weaknesses, and its performance ratings compared to the other vendors evaluated. It also documents key decision-making factors important to the buying process and ultimately depicts the vendors relationship to each other based on value vs. functionality.

Evaluated Vendors include: 

  1. Awake Security
  2. Balbix
  3. Cisco
  4. Corvil
  5. ExtraHop
  6. HPE Aruba
  7. Preempt
  8. ProtectWise
  9. RedLock
  10. SS8
  11. Vectra Networks 
  12. Versive 

 

 
Author:

~Former EMA Analyst - David Monahan

Other Contributor:

~Former EMA Analyst - Paula Musich

Other Research on this Topic:
 
Other Research by this Author:




EMA Services

IT Professionals

EMA can help you:

  • Support your decisions
  • Succeed with key projects
  • Align IT with the business

Learn More!

IT Vendors

EMA can help you:

  • Build the right product
  • Reach the right prospects
  • Establish market credibility

Learn More!

EMA Advisory Notes Service

An Affordable Way to Stay on Top of Key Trends & Industry Events

Subscribe now

EMA Premium Research Service

In-Depth Insight into IT Management Benefits, Challenges & Best Practices in the Enterprise

Subscribe now




©1996-2023 Enterprise Management Associates, Inc. All rights reserved.
EMA™, ENTERPRISE MANAGEMENT ASSOCIATES®, and the mobius symbol are registered trademarks or common-law trademarks of Enterprise Management Associates, Inc.
Site Terms & Conditions | Integrity Policy | Site Map | My Account
Hide
Subscribe to EMA RSS Feed
RSS feed
Email
Email
Show