Data is not only the coveted prey for cybercriminals, but also an important raw material for cyber security. Teams and analysts can also quickly be overwhelmed by the sheer volume of data. It is not even a question of the costs of data acquisition and data storage.
Vectra, provider of an IT security platform based on artificial intelligence explains. Vectra, what value do network metadata provide in this context and why can this level of visibility simply not be achieved with other approaches?
Firewalls Are Usually Used As Perimeter Defense
You usually only see the traffic that flows over the firewalls. Firewalls do not give the data traffic any visibility as soon as it leaves the device and are completely blind to internal network traffic. Metadata solutions for the entire network or switch port analyzers record data traffic within a network as it moves from outside to inside, from inside to outside and internally. As a result, both the incoming data traffic and all data traffic, regardless of their origin, are visible on their way through an internal network. Overall network metadata therefore offers excellent visibility of all network traffic.
The network metadata are used in formats, so that workloads can be migrated quickly and easily. Starting from scratch with the network metadata is also quick and easy, as content created by the large community can be used without any problems.
In addition, there are now data pipeline solutions that enable companies to store data, data lake or in the cloud. This can be supplemented by a hosted data platform that guarantees the availability and functionality of the data and unlocks additional value from this data. Using such solutions enables incidents to be investigated, attackers tracked, attack activity analyzed and supports compliance and audit scenarios.
Cyber Threat Detection
- Generate automatic discoveries for the things that are important to users in network metadata, using extensive insights to get a head start.
- Accelerated investigations with contextual insights from network metadata for faster and better results with every security investigation.
