Securonix Extends Analytics-Driven Security Monitoring to Unmanaged and IoT Devices with Armis

Next-Gen SIEM Announces Partnership with Agentless Device Security Provider to Enhance Visibility of Connected Devices and Improve Detection and Response to Unmanaged and IoT-Based Attacks

Securonix, Inc., a leader in Next-Gen SIEM, today announced a technology integration with Armis, the leader in agentless device security. The integration provides customers with complete visibility into all devices connected to enterprise networks – managed, unmanaged, IoT – allowing security operations teams to monitor their behavior and respond to malicious activity more efficiently.

An estimated 41.6 billion IoT devices will be connected to businesses within the next five years, and attackers are increasingly targeting them to penetrate networks. The integration imports device data and alerts from the Armis agentless device security platform into the Securonix Next-Gen SIEM platform, where they are enriched with patented machine learning algorithms for advanced threat detection, rapid response and future automated decisions.

“The lack of visibility into the increasing number of IoT and unmanaged devices connected to enterprise networks presents significant risk,” said Aditya TS, Senior Director Cyber Threat Analytics, Securonix. “From printers and cameras to even thermostats, the majority of everyday devices are now connected and provide a potential entry point for attackers to exploit. Today’s SOC teams require modern solutions allowing them to identify every device connected to the network, understand their behavior and take necessary action.”

Through the integration, Armis asset inventory data (device type, reputation, users and known vulnerabilities) and Armis alert data (policy violations, configuration issues and threat intelligence) are ingested into Securonix’s multi-layer analytics and behavior modeling solution. Securonix processes this data at machine speed and correlates it with broader IT security events to present high-fidelity alerts for rapid response through automated SOAR capabilities. SOC teams are also provided with long-term data retention and search capabilities for forensics, incident response and compliance.

Specific threat detection use cases with the joint solution include:

  • Ransomware detection
  • Zero-day attack detection
  • Compromised asset detection
  • Anomalous network activity detection

“Having a single solution to identify connected devices and automate investigation and response to advanced threats is essential in securing modern environments,” said Chris Dobrec, VP Product Marketing at Armis. “By routing our device insights through Securonix’s Next-Gen SIEM platform, we are allowing organizations to safely adopt new devices and technologies to drive innovation while maintaining optimal security posture.”