Lancope’s StealthWatch System makes up a key component of the Cisco Cyber Threat Defense Solution, designed to combat today’s most stealthy, sophisticated cyber-attacks. Combining the advanced security capabilities of Lancope and Cisco, the solution provides unprecedented visibility into the network interior.
Complex, elusive threats can linger within a network for months or even years, stealing data and disrupting operations. The main goal of the Cisco Cyber Threat Defense Solution is to enable organizations to more quickly uncover network anomalies and suspicious behaviors that could lead to damaging attacks.
As part of its inclusion in the solution, StealthWatch includes specially tailored reporting dashboards for tracking:
- Network reconnaissance – probing of the network to uncover attack vectors that can be leveraged for customized attacks
- Internal malware propagation – the spread of malware across hosts on the internal network to gather security reconnaissance information, steal data or create backdoors for infiltrating a network
- Command-and-control traffic – botnet communications between attackers and compromised hosts within the network
- Data exfiltration – the export of sensitive information back to an attacker, generally via command-and-control communications
- Internal host reputation – uncovering users that conduct suspicious behavior inside the network
These intelligence dashboards provide a faster, more direct means of tracking the most nefarious types of attack attempts before they wreak havoc on network assets. Additionally, through Lancope’s Operational Network & Security Intelligence (ONSI) dashboard, StealthWatch security alarms are closely aligned to these various steps of the cyber attacker’s “kill chain.” This provides greater security context for faster threat detection, more precise incident response and improved troubleshooting of these stealthy, malicious behaviors.