Founded in 1999 and based in Portsmouth, NH, NitroSecurity develops the industry's fastest analytical tools to identify, correlate and remediate information security threats in minutes instead of hours. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to the organization's information and infrastructure, while satisfying stringent regulatory compliance reporting guidelines.
NitroSecurity, Inc. is a leading information management company, holding several highly differentiating patents in data collection, storage and management, which represent nearly four hundred man-years of research and development. In 2006, this intellectual property was used to solve several long-standing requirements in the information security market, specifically: the need to manage relevant security information in a highly responsive, real-time manner; and the need to monitor more information from an increasingly diverse set of relevant network devices and applications. In short, to develop a new breed of Security Information and Event Management (SIEM) that overcomes both the scalability issues of previous solutions, while at the same time improving performance to the point where the SIEM can become an integral part of the Security Operations Center.
As the Information Security market has matured, available Security Event Management (SEM) products gradually lost the ability to quickly respond to threatening situations. The change occurred in the face of regulatory compliance drivers, which began to integrate the functionality of Log Management systems into SEM, creating what is now known as Security Information and Event Management, or SIEM. With this focus on long-term collection and reporting, however, the underlying security features of SEM became cumbersome and slow—a result of the much larger amounts of stored information that is required by PCI, HIPAA, SOX, NEC, and other compliance requirements. Unlike original SEM systems, SIEM systems can take hours to produce the relevant security information that is required to effectively mitigate and remediate threats to an enterprise's private (and often regulated) information.
The root cause of the problem is the woefully inadequate scalability and performance characteristics of the underlying data management technologies used within these products; technologies that were not designed to address the requirements of this domain. The ever-growing types, volumes and rates of relevant security information have exposed these fundamental design shortcomings.
Simply put, as the SIEM market has evolved, the market's products have devolved - they no longer function as viable solutions for information security, and instead are limited to the role of compliance reporting tools that can only generate actionable intelligence in a few hours or days.
The next evolution of SIEM overcomes the performance limitations of its predecessors. More systems must be monitored. All activity must be examined, and in greater detail—all the way into the contents of applications and protocols. Most importantly, all of this information and the context around it must be readily available to the analyst, in order to provide real-time decision support. The new SIEM must be content-aware, highly scalable, and lightening fast.
Leveraging our core data management technology, the NitroView family of security appliances is able to achieve both scalability, breadth and depth of analysis, and at the same time reduce the operational delay of the SIEM from hours to mere seconds. The result is a Security Information and Event Management system that is uniquely capable of supporting the real-time, ongoing requirements of the Security Operations Center (SOC), moving SIEM back from the solitary role of a reporting tool, and into a much broader range of use cases. For example: integrating application, protocol, and database activity monitoring to provide both a clear audit trail of data access and use, and also an active defense against data leakage, insider theft, and fraud.
In short, NitroView's performance advantage allows for the assessment of vulnerability, threat and impact, across both network operations and overall business operations. With the ability to collect more information from more sources (data scalability), the ability to detect threats is improved, resulting in better overall security. With the ability to integrate more systems together (breadth of analysis), the required context of user identity, vulnerabilities, and impact are provided. With the ability to access this broader collection of information with maximum granularity (depth of analysis), the forensic analysis requirements of both SOC operators and compliance auditors are provided. Finally, all of this information is made immediately accessible using NitroSecurity's core data management technology to enable the correlation, reporting, and analysis functions of the SIEM in seconds, instead of hours.
|
Log in
