Plan B Gets a Name: Rapid Detection and Response
September 22, 2011
I have been openly evangelizing for a Plan B for malware detection for three years. I have also been looking for a name for this approach, and today I saw an article that used a term that I have seen in several places lately that I think has some merit:
Rapid Detection and Response.
Great way to describe the concepts offered in a general sense here, and a great way to describe one of the fundamental benefits of Triumfant.
In short, the perimeter is porous, and attackers are smart, motivated and well funded and will target specific things at specific organizations. The net is that attacks are getting past shields at an increasing rate. You must have a way of quickly identifying the attacks that do get through and have the information to take an immediate and informed response.
Triumfant detects the attacks that evade your defenses. Detection occurs within minutes of the attack and returns a comprehensive forensic analysis of the attack, including every granular attribute affected. Triumfant will also build a contextual remediation that will repair the machine, stopping the attack and fixing the collateral damage to the machine. For details, I suggest you go to the solution brief and the white paper on Malware Detection and Remediation.
Triumfant detects, it does so rapidly, and it formulates a response automatically. Triumfant detects rootkits. Triumfant detects zero-day attacks. Triumfant detects the advanced persistent threat. That sounds like Rapid Detection and Response to me.