SecBI's threat detection and response solution leverages the company's autonomous investigation technology, which consolidates incident data with historical and forensic evidence. It also uses machine learning and big data analytics to help MSSPs and SOCs accelerate threat detection and response, SecBI noted.
How Does SecBI's Threat Detection and Response Solution Work?
SecBI's threat detection and response solution uses the following process to identify and address cyberattacks:
- Data Collection: The solution retrieves network security log data from a web proxy (secure web gateway).
- Clustering: The solution correlates security events into clusters, and clusters evolve based on network changes.
- Detection and Investigation: If the solution identifies a suspicious cluster, it then provides a full narrative and incident report, along with related forensic evidence.
SecBI's agentless threat detection and response solution is now available.
What Does SecBI's Threat Detection and Response Solution Offer MSSPs?
SecBI enables MSSPs to incorporate SOC-as-a-service (SOCaaS) offerings into their portfolios. In addition, MSSPs can leverage SecBI's threat detection and response solution to provide a variety of security services, including:
- Breach response, triage and filtering.
- Network security gap analysis.
- Threat hunting-as-a-service.
Furthermore, SecBI's threat detection and response solution is available for multi-tenant, cloud-based or on-premises deployment. It also enables MSSPs to offer network traffic analysis without sensors, and to deploy and activate solution instances in hours, SecBI indicated.