Cyber Security Technologies & Concepts of 2019



Hi, hope everyone is doing well. In this article we are going to explain the top trending cyber/information security technologies of 2018 to 2019.



1.SIEM 


Security information and event management (SIEM) is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system.

A SIEM is a tool used to monitor the real-time logs of firewalls, servers and users in order to identify security incidents in an enterprise network.

However, it is a passive tool: it can only detect cyber incidents.


The place where the logs are processed with the SIEM tool is called the SOC (Security Operations Center).


2.EDR


Endpoint Detection and Response (EDR) is a technology that has been trending for the past two years. It detects and prevents cyber attacks on end-user machines before exploitation or footprinting.

It is not like classical antivirus software: it does not contain any kind of virus signature database to find malicious files. Instead, it contains all exploit techniques, so that it can stop or prevent attacks before the exploitation stage and clear the threats from the machine.

3.NAC


A Network Access Controller (NAC) is used to monitor all the LAN traffic inside the enterprise network. A single automated device performs asset management and classification, compliance checks (domain, AV, software version, missing OS patches, unnecessary open ports), compromised endpoint detection, process monitoring, exploitation detection and more.

It does not require any manual process to take action: if NAC detects a non-compliant machine, it immediately disconnects that machine from the network by disabling the switch port it is connected to.

Along with NAC we can integrate multiple products such as EDR, DDoS protection, VAPT tools, firewalls, SIEM and more, so that we can do security automation across the whole network and keep it under the control of a single console.

4.SOAR (Security Orchestration and Automation)


Organizations today face many challenges when it comes to getting ahead of their security goals. For one, finding talent is time-consuming, and once you do find the right fit you want them to be able to focus on the most impactful work—not get bogged down in manual, recurring, time-intensive tasks. Additionally, chances are high that your organization uses technology that multiple teams need to touch and collaborate on, yet the various pieces don’t always integrate.


While adding a 25th hour into the day will remain a pipe dream, it is possible to get some time back and achieve your security goals. That’s where security orchestration and automation comes in. With an effective security orchestration and automation response (SOAR) solution, it’s possible to achieve more, in less time, while still allowing for human decision-making when it’s most critical. Move beyond relying on point-to-point integrations for your technology stack; instead, rely on a solution that empowers you to build out your various processes and connects you with the right people and technology to achieve your goals.

We can achieve SOAR by integrating SIEM and EDR with NAC. Here NAC acts as the centralized automated controller of your network, and we can integrate multiple security products with NAC to achieve SOAR in a simple way.

With the help of NAC we can run automated ACLs, endpoint detection, threat and zero-day monitoring and immediate response, and NAC can run any type of script (Shell, BAT, Ruby, Python) on the client and server side to achieve security goals.
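The decision flow described above, with NAC posture checks merged with SIEM and EDR alerts, as an added Python sketch that is not from this article or from any NAC product. The field names, hosts, alert text, patch baseline and allowed ports are all constructed assumptions, and the returned action stands in for the real switch-port or ticketing call.

```python
from dataclasses import dataclass
# Assumed policy values, constructed for this example.
REQUIRED_PATCH = "2019-03"      # minimum OS patch level (YYYY-MM)
ALLOWED_PORTS = {22, 443}

@dataclass
class Endpoint:
    host: str
    switch_port: str
    domain_joined: bool
    av_running: bool
    os_patch: str
    open_ports: frozenset
    critical: bool = False      # critical assets need an analyst's decision

def compliance_findings(ep):
    # NAC-style posture checks named in the article.
    findings = []
    if not ep.domain_joined:
        findings.append("not domain joined")
    if not ep.av_running:
        findings.append("AV not running")
    if ep.os_patch < REQUIRED_PATCH:
        findings.append("missing OS patch")
    extra = sorted(ep.open_ports - ALLOWED_PORTS)
    if extra:
        findings.append(f"unnecessary open ports {extra}")
    return findings

def decide(ep, alerts):
    # Merge posture findings with SIEM/EDR alerts for this host.
    reasons = compliance_findings(ep)
    reasons += [f"{a['source']}: {a['detail']}" for a in alerts if a["host"] == ep.host]
    if not reasons:
        action = "allow"
    elif ep.critical:
        action = "escalate_to_analyst"   # human decision where it matters most
    else:
        action = "disable_switch_port"   # automated containment
    return {"host": ep.host, "port": ep.switch_port, "action": action, "reasons": reasons}

# Constructed sample inventory and alerts.
ENDPOINTS = [
    Endpoint("ws-014", "Gi1/0/14", True, True, "2019-04", frozenset({443})),
    Endpoint("ws-027", "Gi1/0/27", True, False, "2018-11", frozenset({443, 3389})),
    Endpoint("db-01", "Gi1/0/2", True, True, "2019-04", frozenset({22}), critical=True),
]
ALERTS = [{"host": "db-01", "source": "EDR", "detail": "suspicious process injection"},
          {"host": "ws-027", "source": "SIEM", "detail": "repeated failed logons"}]

def run_playbook():
    return [decide(ep, ALERTS) for ep in ENDPOINTS]
```

Each result carries the reasons alongside the action, so the record sent back to the SIEM explains why a port was disabled or why an analyst was paged.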






