Threat Hunting Platform Available on AWS, Supports VMware and Linux KVM; Provides Greater Visibility Across Hybrid Cloud and On-Premises Environments
July 26, 2018 – Columbia, Md. – Bricata, Inc., a leader in advanced network threat protection solutions with threat hunting capabilities, today announced the latest release of its flagship product for immediate availability. This release permits its management console and new cloud sensors to be deployed in a cloud environment. This provides security analysts with anywhere, anytime access for administering sensors and defending against threats across on-premises and cloud environments.
The company’s solution is available in both physical and virtual form, which offers flexibility to enterprise customers migrating to the cloud or managing hybrid environments. The Bricata solution for the cloud is now available for deployments on Amazon Web Services (AWS). It also supports VMware environments and most cloud environments running on the Linux KVM platform.
Bricata is also announcing arrangements with Gigamon and Ixia to provide traffic data for analysis. This is because most cloud providers do not provide access to OSI Model layer two network traffic. Gigamon and Ixia both provide virtual agents that can forward or mirror the data necessary for threat detection and analysis.
“Many of our customers are large organizations in the process of migrating some or all of their infrastructure to the cloud,” said Bricata CEO John Trauth. “A major security problem is that they have the same requirements to protect their networks in the cloud as they did on-premises – and they couldn’t until now.”
Bricata is unique because it combines a range of network security capabilities – packet capture (PCAP), prevention, detection, metadata analysis, and malware conviction – onto a single platform in such a way that it provides both deep network traffic analysis and an easy way to begin network threat hunting.
Now that the solution supports the cloud, this, in turn, brings greater visibility, advanced intrusion detection and threat hunting capabilities to one place for security analysts with purview over the cloud, on-premises and hybrid environments.
This benefits security organizations because it delivers the context necessary to understand what is happening as an incident unfolds, which accelerates the capacity to respond where time is most precious. More importantly, the threat hunting workflows Bricata provides simplify the otherwise complex endeavor of hunting down those advanced and unknown threats that have evaded existing detection techniques.
“There is an incredible amount of noise in any security operations center (SOC) which introduces more risk to the enterprise,” added Trauth. “We’re giving the analyst the ability to look at an alert in context to quickly determine the ground truth. In other words, we’ve paired alerts with data collection and a workflow that allows the SOC to rapidly pivot from triaging alerts to defeating threats.”
Bricata has released several new product enhancements this year. In May, the company announced new updates to help security organizations better prioritize the deluge of security alerts and improved threat hunting workflows. In January, it rolled out a new dashboard, an intelligent packet capture feature, and threat hunting capabilities.
Bricata is venture-backed, having secured an $8 million growth round led by Edison Partners about this time last year. Its last round included an investment and development agreement with In-Q-Tel, the strategic investor that accelerates the development and delivery of cutting-edge technologies to support the mission of the U.S. Intelligence Community.
The company was named a “vendor to watch” by a reputable technology analyst firm in 2015 and 2016. In 2017, the news organization SDxCentral described it as one of “10 Security Startups to Watch,” and just this year its product earned favorable independent reviews, including one in CSO Online titled “Bricata adds threat hunting to traditional IPS/IDS.”
Bricata develops advanced network threat protection solutions with network threat hunting capabilities. The core platform examines threats with three different detection engines looking for malicious signatures, behavior anomalies and zero-day malware or polymorphism. Bricata also captures critical metadata about network transactions which provides the security operations center with a simple way to begin hunting for threats while providing important context in the event of incident response. Bricata works well with existing security applications, scales for large organizations, and provides an affordable solution for situational awareness as part of a layered security posture that reduces complexity and the time it takes to detect and remediate threats. For more information visit www.bricata.com.
media at bricata-dot-com