SANTA CLARA, Calif.,
Oct. 10, 2017 /PRNewswire/
-- Gigamon Inc. (NYSE: GIMO), the industry leader in
visibility solutions, today announced new integrations with both
Splunk and Phantom aimed at accelerating incident response,
reducing the time to threat detection and automating threat
mitigation. The Gigamon IPFIX Metadata Application for Splunk, the
Gigamon Adaptive Response Application for Splunk and the Gigamon
App for Phantom utilize industry standards and open APIs for
seamless integration. The solutions empower SecOps and DevOps teams
to take immediate action and effectively combat rapidly evolving
and persistent cybersecurity threats.
These three integrations bring to life the Defender Lifecycle
Model, a new approach to security that addresses the increasing
speed, volume and polymorphic nature of cyber threats. The model is
based on a foundational layer of pervasive visibility across the
four key pillars of prevention, detection, prediction and
containment that are essential in a modern cybersecurity
infrastructure. The model leverages the GigaSECURE® Security
Delivery Platform and enables the integration of machine learning,
artificial intelligence (AI) and security workflow automation to
shift control away from the attacker and back to the defender.
The industry notes business demand for cybersecurity solutions.
According to Gartner, "By 2020, 60 percent of enterprise
information security budgets will be allocated for rapid detection
and response approaches, up from less than 20 percent in 2015."
1
"Our new Splunk and Phantom solutions help customers better
manage the threat environment by streamling the collection,
analysis and reaction to suspicious data using the GigaSECURE®
Security Delivery Platform across their cybersecurity
infrastructure. This will help customers expand their use case
options, and accelerate both their deployment timelines and the
time-to-value," said Ananda
Rajagopal, vice president of products at Gigamon. "The
integrated solutions speed threat identification and mitigation by
automating what is often a time-consuming and complex manual
process."
Splunk Integration Capabilities Overview
For SecOps
teams who are challenged with managing an overwhelming amount of
data, incidents and potential threats, the new Splunk® integrations
from Gigamon deliver the visibility and control required to quickly
and effectively identify critical incidents and threats and
automatically mitigate them.
The Gigamon IPFIX Metadata Application for Splunk allows Splunk
customers to ingest network metadata generated by the GigaSECURE
Security Delivery Platform. The Gigamon Adaptive Response
Application for Splunk enables security operations center (SOC)
teams to take automated actions on the GigaSECURE platform in
response to threats detected in Splunk ES.
The solutions can be used for a variety of use cases
including:
- The isolation of an infected host trying to resolve
high-entropy domain names or block rogue DNS servers.
- The detection and mitigation of malware attacks such as the
recent WannaCry ransomware cyberattack.
- The redirection of traffic to a recorder or a specific security
tool chain for advanced analysis can be performed when usual
network traffic activity is seen.
"Increasingly sophisticated threats cannot be eliminated with
any single technology. There is no silver bullet for security,"
said Haiyan Song, senior vice
president and general manager of Security Markets at Splunk. "We
created the Adaptive Response Initiative to help organizations more
efficiently and flexibly combat advanced attacks with their
existing security architectures. Members like Gigamon are key to
the success of Adaptive Response. We look forward to working with
them as the world embraces an analytics-driven approach to
security."
Phantom Integration Capabilities Overview
The Gigamon
App for Phantom provides SecOps teams with automated and
orchestrated security operations and case management. The
application utilizes REST APIs provided by the GigaSECURE Security
Delivery Platform and enables Phantom users to trigger workflows or
remediation actions on the GigaSECURE Security Delivery Platform in
response to specific events.
Key benefits of the Gigamon App for Phantom include automating
common security operations tasks through predefined playbooks, and
orchestrating network threat detection and mitigation to reduce
mean time to resolution.
"Gigamon provides an innovative, extensible, pervasive platform
for visibility that integrates with Phantom to orchestrate and
automate critical security operations tasks," says Oliver Friedrichs, CEO and founder, Phantom.
"Our integrated solutions allow SecOps teams to work smarter,
respond faster and strengthen their network defense postures."
Availability
The Gigamon IPFIX Metadata Application
for Splunk and The Gigamon Adaptive Response Application for Splunk
are available for free download from Splunkbase. The Gigamon App
for Phantom is available for free download from the Phantom Apps
online community.
1Gartner, Inc., Shift Cybersecurity Investment to
Detection and Response, Ayal Tirosh,
Paul E. Proctor, May 3, 2017.
Additional Resources
- Splunk ecosystem partner web page.
- Phantom ecosystem partner web page.
- Defender Lifecycle Model web page.
About Gigamon
Gigamon (NYSE: GIMO) provides
active visibility into physical and virtual network traffic,
enabling stronger security and superior performance. The Gigamon
Visibility Platform and the GigaSECURE® Security Delivery Platform,
deliver advanced intelligence so that security, network, and
application performance management solutions in enterprise,
government, and service provider networks operate more efficiently
and effectively. Learn more at www.gigamon.com, the Gigamon blog or
follow Gigamon on Twitter, LinkedIn or Facebook. See What
Matters.™
Legal Notice Regarding Forward Looking Statements
This press release contains forward-looking statements within
the meaning of Section 27A of the Securities Act of 1933 and
Section 21E of the Securities Exchange Act of 1934. Forward-looking
statements generally relate to future events or our future
financial or operating performance. In some cases, you can identify
forward-looking statements because they contain words such as
"may," "will," "should," "expects," "plans," "anticipates,"
"could," "intends," "target," "projects," "contemplates,"
"believes," "estimates," "predicts," "potential" or "continue" or
the negative of these words or other similar terms or expressions
that concern our expectations, strategy, plans or intentions.
Forward-looking statements in this press release include, but are
not limited to, the potential benefits of Gigamon product
integrations with Splunk and Phantom, goals and expectations
regarding availability and future performance of joint solutions
with Splunk and Phantom, and opportunities for the GigaSECURE®
Security Delivery Platform, the Gigamon® IPFIX Metadata Application
for Splunk, Gigamon® Adaptive Response Application for Splunk, and
Gigamon® App for Phantom. Our expectations and beliefs regarding
these matters may not materialize, and actual results in future
periods are subject to risks and uncertainties that could cause
actual results to differ materially from those projected. These
risks include our ability to continue to deliver and improve our
products and general market, political, economic and business
conditions. The forward-looking statements contained in this press
release are also subject to other risks and uncertainties,
including those more fully described in our filings with the
Securities and Exchange Commission, including our Annual Report on
Form 10-K for the period ended December 31,
2016 and most recent Quarterly Report on Form 10-Q. The
forward-looking statements in this press release are based on
information available to Gigamon as of the date hereof, and Gigamon
disclaims any obligation to update any forward-looking statements,
except as required by law.
View original
content:http://www.prnewswire.com/news-releases/gigamon-introduces-new-integrations-with-splunk-and-phantom-bringing-its-defender-lifecycle-model-to-life-300533353.html
SOURCE Gigamon