Verint Unveils Next-Gen Threat Protection System Aimed at Protecting Against Advanced Cyber Attacks

Verint® Systems Inc.

today announced advancements to its Verint Threat Protection System™, a comprehensive cyber security solution that uses Actionable Intelligence® to help protect organizations against advanced cyber threats. "The rise in advanced, persistent and stealth malware attacks by well-funded and organized ‘government grade' attack groups creates a need for new approaches to cyber security. Verint's next-generation Threat Protection System was designed to address the gaps that currently exist in the market," explains Dan Bodner, president and CEO, Verint. Gaps in the Market Despite significant investment by organizations in cyber security solutions, advanced cyber-attacks continue to be successful, causing significant financial, operational and reputational damage to organizations. Existing approaches to protecting against advanced attacks suffer from architectural gaps, including: Siloed detection and investigation tools—making it difficult to share intelligence and fully understand the attack scope. Too many alerts—creating noise and making it difficult to focus remediation on the attacks that matter. Insufficient automation—resulting in a long time from initial detection to containment and remediation. These architectural gaps are exacerbated by a shortage of qualified cyber analysts, particularly those with expertise in combatting advanced malware. As a result, organizations are seeking new approaches that can increase their cyber analyst productivity and their cyber security operations effectiveness. Verint's Threat Protection System Approach The Verint Threat Protection System was specifically designed to help address these gaps based on a forward-thinking, three-dimensional architecture that includes: Comprehensive coverage dimension. The Verint solution helps provide visibility and protection across multiple attack surfaces, including networks, end-points and payloads. Integrated functionality dimension. The solution's functionality includes detection, prioritization, investigation and protection, all pre-integrated in a single platform. Time dimension. Advanced cyber-attacks can occur in multiple stages and span over a lengthy period of time. To address the time dimension, the Verint Threat Protection System was designed to support both real-time and forensic analysis, as well as moving back and forth in time within a single solution. In addition, the solution includes innovative orchestration and automation capabilities that function as a "brain" powering intelligence sharing across the three-dimensional architecture. Open and Scalable Platform The Verint Threat Protection System features robust capabilities that are based on an open, scalable platform. Key functionalities include the ability to: Detect. The Verint Threat Protection System includes multiple detection engines for malicious files, networked-based command and control signals, lateral movement and end-points in a single integrated platform and an open architecture that enables integration with third-party detection engines. The solution also uses and shares intelligence gathered from across the "kill-chain" to help improve the detection probability and reduce false positives. Prioritize. The solution includes cross validation across detection engines and robust cyber analytics designed to help cyber analysts focus on the most significant threats by reducing the noise in alerts and ranking incidents by potential severity. Investigate. The solution captures and records network, payload and end-point events. Real-time and forensic analytics help accelerate the investigation and cut time from detection to resolution, thereby reducing attack damage. Its adaptive and rule-based workflows, evidence collection automation and unified visual interface help significantly increase the productivity of cyber analysts. Protect. The actionable intelligence generated by the Verint Threat Protection System helps contain and remediate ongoing attacks, as well as better prepare for preventing future attacks. Deployment Modes The Verint Threat Protection System can be rapidly deployed in a stand-alone mode, and then be integrated with the organization's cyber security infrastructure already in place, for more comprehensive benefits. Stand-alone deployment. Deployment of the Verint solution standalone involves connectivity to an organization's network and end-point devices. Post deployment, cyber analysts can quickly gain insights, and benefit from automation and workflows for a more effective approach to advanced attacks. Integration with perimeter, SIEM and other cyber security solutions. Once deployed, the Verint Threat Protection System can be integrated with the organization's perimeter security in place, and the intelligence generated by the Verint solution can make perimeter security more effective. If an organization already leverages a SIEM, integration with the Verint solution can improve SIEM operations with the benefit from the intelligence generated by the Verint Threat Protection System. Adds Bodner, "We believe that both government and commercial organizations are subject to advanced cyber-attacks and are seeking innovative approaches to cyber security. With the introduction of our next-generation Threat Protection System, we are expanding our market focus to enterprises, which provides Verint an expanded market opportunity."