An estimated 41.6 billion IoT devices will be connected to businesses within the next five years, and attackers are increasingly targeting them to penetrate networks. The integration between Armis and Securonix imports device data and alerts from the Armis agentless device security platform into the Securonix Next-Gen SIEM platform, where the data is enriched with patented machine learning algorithms for advanced threat detection, rapid response and future automated decisions.
“The lack of visibility into the increasing number of IoT and unmanaged devices connected to enterprise networks presents significant risk,” said Aditya TS, Senior Director Cyber Threat Analytics, Securonix. “From printers and cameras to even thermostats, the majority of everyday devices are now connected and provide a potential entry point for attackers to exploit. Today’s SOC teams require modern solutions allowing them to identify every device connected to the network, understand their behavior and take necessary action.”
Through the integration, Armis asset inventory data (device type, reputation, users and known vulnerabilities) and Armis alert data (policy violations, configuration issues and threat intelligence) are ingested into Securonix’s multi-layer analytics and behavior modeling solution. Securonix processes this data at machine speed and correlates it with broader IT security events to present high-fidelity alerts for rapid response through automated SOAR capabilities. SOC teams also get long-term data retention and search capabilities for forensics, incident response and compliance.
Specific threat detection use cases with the joint solution include:
- Ransomware detection
- Zero-day attack detection
- Compromised asset detection
- Anomalous network activity detection
“Having a single solution to identify connected devices and automate investigation and response to advanced threats is essential in securing modern environments,” said Chris Dobrec, VP Product Marketing at Armis. “By routing our device insights through Securonix’s Next-Gen SIEM platform, we are allowing organizations to safely adopt new devices and technologies to drive innovation while maintaining optimal security posture.”