Product Highlight: AccessData InSight™ Platform
The InSight Platform™ is a Continuous, Automated Incident Resolution (CAIR™) platform, delivering the critical capabilities necessary to detect, analyze, and resolve any security incident. The Cyber Intelligence & Response Technology (CIRT) that drives the InSight Platform integrates network, endpoint and malware analysis, as well as remediation into a single, scalable solution. This makes it possible for all security and compliance teams to do their jobs using one platform, automating tasks and collaborating in real time.
Continuous, Automated Incident Resolution (CAIR™)
In an era of continuous compromise, relying on point products and manual processes will not meet the challenges you face in defending your domain. The InSight Platform integrates with SIEM platforms and third-party alerting solutions to automatically isolate, analyze and remediate when events are triggered. In addition, it ingests multiple formats of threat intelligence and searches both the network and endpoints against that information, with the ability to automatically respond and remediate as threats are detected. This is Continuous, Automated Incident Resolution, and this is what it will take to protect your information assets in the 21st century.
Endpoint Threat Detection
InSight Platform delivers unmatched endpoint threat detection by searching against multiple formats and sources of threat intelligence and IOCs. You can scan for unknown threats, as well, triaging suspect binaries in seconds.
Network Threat Detection
Operating like a network surveillance camera, the InSight Platform monitors, captures and analyzes network traffic, as well as the internet activity of off-network employees. InSight Platform will monitor your network against multiple sources of threat intel, as well.
Signature-less Malware Detection
Detect previously unknown malware and advanced threats that other solutions miss. The InSight Platform allows you to scan your entire enterprise, filtering out the noise, to zero in on suspect binaries, determining their behavior and intent in seconds.
Source-agnostic Threat Intelligence Ingestion and Searching on both Network and Endpoints
InSight Platform is the first solution to ingest and search against multiple formats of threat intelligence and IOCs from multiple sources. Supported formats include CIF, CybOX™, OpenIOC and YARA rules.
Bi-directional Integration with SIEM Platforms and Other Third-Party Solutions
SIEM alerts can automatically trigger the InSight Platform to isolate compromised systems in seconds, then, perform incident analysis, including comprehensive network forensics, computer forensics and malware analysis. Results can be viewed in either the SIEM interface or InSight Platform. InSight Platform is also able to automatically remediate.
Speed and Agility
The integrated visibility, automation and collaboration the InSight Platform provides gives Security Operations, Network Security, Forensics and other teams the agility they need to detect more, respond faster, and achieve Continuous, Automated Incident Resolution (CAIR™).
Built-in, Automated Remediation
Unlike any other integrated rapid detection and response platform, the InSight Platform doesn’t just contain, it eradicates. Comprehensive remediation operations can be automated, and the batch remediation function allows you to stop the bleeding fast.