CSPi (NASDAQ:CSPi), a provider of advanced security products and security services, as well as IT technology managed services, today announced that it is now part of the Cisco Technology Alliance Ecosystem. As a member of this Cisco partner community, CSPi has created an integrated cost-effective solution that automates breach detection. CSPi has harnessed the strengths of Cisco's FirePOWER firewalls and CSPI's Myricom nVoy security products to automate two critical elements of the breach investigative response process: cyber threat verification and full forensic data extraction. By having this data on hand, automatically, at the earliest stages of a breach the investigative response activities can typically be wrapped up within a few hours of total duration instead of the tens to hundreds of hours that is normal today.
CSPI's Myricom® Automated Investigative Response (AIR) application continually ingests alert events, targeting user-identified critical assets from Cisco FirePOWER firewalls or NIPS systems, to find alerts that indicate a breach may be occurring. It takes the relevant event data, including the source and/or target address as well as the time stamp to be used to trigger the nVoy Packet Recorder, to generate a matching extract of the conversations between those devices. The extraction is initiated as the FirePOWER detects an intrusion - the resulting extraction file is the trigger to begin the incident response effort. This is made simpler by leveraging these extraction files, which contain the details required to quickly determine the severity and actions required.
These details include:
About Cisco
Cisco (NASDAQ:CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Discover more at newsroom.cisco.com and follow us on Twitter at @Cisco.
Myricom is a registered trademark of CSP Inc. All other brand names, product names or trademarks belong to their respective owners. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.
CSPI's Myricom® Automated Investigative Response (AIR) application continually ingests alert events, targeting user-identified critical assets from Cisco FirePOWER firewalls or NIPS systems, to find alerts that indicate a breach may be occurring. It takes the relevant event data, including the source and/or target address as well as the time stamp to be used to trigger the nVoy Packet Recorder, to generate a matching extract of the conversations between those devices. The extraction is initiated as the FirePOWER detects an intrusion - the resulting extraction file is the trigger to begin the incident response effort. This is made simpler by leveraging these extraction files, which contain the details required to quickly determine the severity and actions required.
These details include:
- What type of assets were involved, such as PII or other critical data
- The scope of which data records were exposed
- The duration of the breach
About Cisco
Cisco (NASDAQ:CSCO) is the worldwide technology leader that has been making the Internet work since 1984. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Discover more at newsroom.cisco.com and follow us on Twitter at @Cisco.
Myricom is a registered trademark of CSP Inc. All other brand names, product names or trademarks belong to their respective owners. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks.
