A New Security Model
Author Richard Stiennon and Sourcefire founder Martin Roesch discuss security trends.
Cisco and Sourcefire – Better Together
It’s no longer a question of “if” attackers get in, but “when.” Now you can continuously detect and block threats wherever they appear.
Traditional security technologies focus on visibility and blocking at the point of entry in order to protect systems. They scan files once at an initial point in time to determine if they are malicious.
But relentless attacks do not occur in a single point of time; they are an ongoing activity and demand continuous security.
To thwart today’s advanced attacks, you need solutions that can aggregate and correlate data from across the extended network with historical patterns and global attack intelligence. With that insight you can discriminate between active attacks, exfiltration, and reconnaissance compared to simple background noise.
Only then can you evolve security from an exercise at a point in time to an ongoing process of continual analysis and decision-making.
Across a Broad Range of Attack Vectors
You need solutions that operate everywhere a threat can appear—on the network, secure gateways, endpoints, mobile devices, and in virtual environments.
Enforce Policies Automatically
Should a file pass through that was thought to be safe but later demonstrates malicious behavior, you need to be able to take action. With real-time insight from Cisco and Sourcefire solutions you can employ intelligent automation to enforce security policies without manual intervention.
Detect, Block, and Defend
During an attack, solutions like Sourcefire’s Next-Generation Intrusion Prevention System give security professionals the ability to detect, block, and defend against attacks that have penetrated the network and are in progress.
Still, given the nature of advanced attacks today, the best threat detection alone isn’t sufficient to completely protect your environment. Security methods must also include the ability to mitigate the impact once an attacker gets in.
That’s why Sourcefire, together with Cisco, delivers an entire portfolio of threat-centric cybersecurity solutions. Our technologies work together to deliver protection across the full attack continuum—before, during, and after an attack.