New York, NY and Tel Aviv, Israel, 27 July 2017 – illusive networks, leaders in deception-based cybersecurity, today announced the launch of its External Incident Application Program Interface (API) and Risk Metrics tools, minimizing the manpower needed to manage high impact incidents while expediting their investigation and prioritizing remediation.
Enterprises deploy a wide range of cybersecurity solutions to defend their networks which, in turn, flood their Security Operations Center (SOC) and Incident Response (IR) teams with alerts. According to Ovum analyst Rik Turner, many enterprises accumulate more than 200,000 security alerts each day. Many serious incidents go unnoticed as it is difficult to tell which represent real threats. Alerts often lack meaningful content or supporting data to help responders reduce threat impact. As the number of sophisticated attacks increases, security teams require further assistance in deploying proactive tactics to detect intruders.
illusive’s new External Incident API supports the gathering and processing of incidents from any other prevention and detection technologies deployed across a network, producing forensics for each event in real-time. Facilitating the automation and parsing processes of all forensics data significantly enhances the efficiency and effectiveness of incident handling.
The API enables illusive’s Attacker View feature to present a unified view of events generated from both illusive and other external sources, helping security teams use the forensics data provided and gain deeper insight that supports more rapid, decisive action.
illusive Attacker View highlights possible hacker pathways from the compromised host to the most prized assets of an enterprise. Newly introduced Risk Insight capabilities analyze the number of lateral moves required in each pathway, generating a metric to better prioritize incidents and remedial actions.
CEO of illusive networks Ofer Israeli explains, “Our API-based capabilities empower the otherwise overburdened SOC and IR teams with richer forensics data, enabling them to anticipate the attacker’s next moves and take a more pre-emptive, risk-based approach. Reducing both costs and resources, our new tools and capabilities further assist enterprise teams to mitigate APTs at the earliest opportunity and minimize impact.”
At the vanguard of the next evolution of cyber defense, illusive networks recently received recognition by Momentum Partners as one of ten cybersecurity companies on their Watch List and by The Wall Street Journal in its inaugural Tech Companies to Watch, and was named as one of CRN’s ‘25 Coolest Network Security Vendors’.