As simple as it sounds, you can’t secure what you can’t find. Bad actors will always look to exploit vulnerabilities and vectors that represent the paths of least resistance. They do so by leveraging complexity and human complacency to their advantage. The combination of these factors, with a threat landscape that has grown increasingly advanced and diverse, creates a situation where rapid threat discovery and response makes the difference between heroes and headlines (the bad kind).
FireMon and Palo Alto Networks are joining forces to give customers a new layer of “Triple A” protection: Awareness, Analytics and Automation. We are proud to extend our long-standing technology alliance to now include the integration of FireMon’s Immediate Insight threat hunting platform into the Palo Alto Networks Application Framework.
Immediate Insight is an analytics-enabled threat hunting and investigation platform optimized for the Palo Alto Networks Application Framework. Threat hunting requires proactive and iterative search analytics to accelerate threat discovery and response. Equipped with deep analytics, orchestration and workflows, Immediate Insight transforms complex and disparate data, no matter where it lives – on premise or in the cloud – into immediately actionable data, accelerating the ability to detect, analyze and respond to threats.
Automation is a hallmark of FireMon innovation. The added functionality Immediate Insight brings to the Palo Alto Networks Application Framework extends the ability to automate threat hunting capabilities with the following features:
- Automatically stream Application Framework security events of interest into Immediate Insight as both threat-hunting artifacts and context for on-premise data analysis to identify and investigate suspicious activity.
- Integrate Application Framework data, such as on-demand requests of host’s activity history, into your threat-hunting activities.
- Request contextual Active Directory user information from the Application Framework.
- Optionally share observations through Immediate Insight’s tags and notes with other Application Framework-enabled applications.
Immediate Insight brings instant security value to the Palo Alto Networks security operating platform, so customers can generate immediate results with minimal effort. We will showcase this next-level integration at several Palo Alto Networks events this month and are most excited to be recognized in the Ignite Keynote presentation by Palo Alto Networks’ Chief Product Officer, Lee Klarich. We will also conduct two scheduled demos alongside Palo Alto Networks from the show floor during Ignite ’18 Europe in Amsterdam this week.
You can also find FireMon at events both in New York and Chicago on October 16. In New York, we will be at the Palo Alto Networks Cloud Security Summit at Pier Sixty. In Chicago, we will have the FireMon Lab up and running at the Spark User Summit.
Want your own demo? Schedule direct with our team here: https://content.firemon.com/events/demo-request, or just activate Immediate Insight at the Palo Alto Networks Application Framework Marketplace by clicking here: https://apps.paloaltonetworks.com/marketplace/i_insight.
October is Cybersecurity Awareness Month and as the conversations on threat awareness and network visibility continue in the media and at various conferences, an examination of your tools for analytics and enforcement should make your to-do list. In the meantime, be sure to visit our blog for periodic insights from our team on how to strengthen your security awareness.