Damballa reduces ‘time to containment’

Damballa has announced general availability of Damballa Failsafe 5.2 for enterprises, which provides increased visibility into advanced threats, and reduces the time to containment and remediation - stopping active infections from becoming incidents or breaches.

  • 11 years ago Posted in

Damballa Failsafe provides enterprises with actionable intelligence to act efficiently and decisively to find, contain and respond to all of the active infections in your network, prevent breaches and eliminating risk from advanced threats. The latest version of Failsafe expands Damballa’s detection capabilities to include Android APK Sandboxing & Proxy Domain Fluxing Detection, making it one of the first to market with Android support.
Failsafe now also delivers deep level Splunk and SIEM integrations. It also provides executive, security management and incident-responder level reporting, offering organizations unprecedented visibility into their current advanced threat posture. New reports offer visibility into key metrics such as remediation success, hibernating infections, and devices most frequently re-infected.


“Reducing containment and remediation time for advanced threats requires breaking down of security silos and enabling your incident response team to quickly gain visibility into the current state of your environment,” said Brian Foster, CTO of Damballa. “By expanding our threat detection capabilities and expanding the ecosystem of providers with which we can share and correlate data, we continue to help our customers gain the visibility, confidence and actionable intelligence they need to respond decisively to active threats.”


Failsafe SIEM enhancements enable rapid response workflow with industry leading SIEM solutions, including HP ArcSight, RSA enVision and NetWitness, IBM Security QRadar and Splunk for Enterprise security. New functionality enables:
• Simple Detection Validation: gives you the confidence and actionable intelligence to respond decisively to stop the losses from proven and active threats in your network
• Prioritized Response: Device knowledge, including status of device and user, and location, enables rapid pivoting from discovery to response
• Containment Actions, through the ability to block C&C destinations and quarantine infected device
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...