Automated Security Operations

Defend Your Network Before, During and After an Attack

Capturing critical forensic data as soon as a threat is detected and ensuring that engineers have complete visibility across the enterprise is a must when security incidents strike. NetBrain Automation starts this process the moment a threat is detected by your monitors, enabling teams to capture valuable data and to quickly assess impacts to the network infrastructure. NetBrain allows you to establish automated isolation processes in advance, which can then be triggered at a moment’s notice when a security situation occurs. With NetBrain’s automation capabilities, hundreds or thousands of configuration changes can be pre-defined and executed in seconds to secure and stabilize the infrastructure, allowing time for teams to calmly address the root security issues. Once resolved, the isolation can also be quickly reversed to restore normal operations.

Automated Real-Time Response

As soon as your security monitors or other SIEM and IDS systems perceive a threat and before any operations team has even gotten involved, NetBrain Automation dynamically maps out the attack path of potentially malicious traffic, including all of the context and historical configuration changes that may have occurred. NetBrain allows you to immediately visualize infrastructure changes and where malware has been involved to identify all impacted devices, services and application dependencies – in seconds.

01 Capture the crime scene as it’s happening

Capture Forensics in Real-Time

NetBrain’s event-triggered response automatically executes an intelligent runbook, which can contain any series of predefined diagnostics and other actions to triage the situation. The Executable Runbook enables infrastructure characteristics and performance observations to be captured at the time of the security incident. By capturing the incident forensics and other context at the exact moment it is occurring, remediation and future prevention can be streamlined. With NetBrain, you have critical data from the time of the event already in hand before containment procedures begin. And with our trigger automation, those containment procedures start before your operational staff even begins.

02 Automate initial forensics in real time

Separate Real Threats from the Noise

NetBrain’s Dynamic Maps form a visual management console for your entire end-to-end network, with all available third-party data presented in context. By having this comprehensive view at a glance when a security alert is created, you can easily see the severity of the issue at hand. NetBrain offers this context so that you can avoid wasting time investigating nuisance or other informational alerts. Without leaving NetBrain, users access data from all of their other security tools (SIEM, firewall log analyzer, packet sniffer) with just a click and can interactively run additional automated diagnostics to conclude decisively whether an anomaly is an actual threat.

03 Separate false positives from real threats

Quickly Isolate and Mitigate Attacks

NetBrain Automation enables your organization’s best practices and library of knowledge to be executed at the speed of the machine… two essential characteristics needed when responding to time-sensitive security incidents. Identify in seconds where you need to shunt traffic, disable ports, or update policies to quickly stop attacker traffic. Use NetBrain Change Management to push mitigation changes quickly and safely. And once the security issue is resolved, normal operations can just as easily be restored using our executable runbook automation.

04 Separate false positives from real threats

Continuous Observation

NetBrain Automation enables continuous observation of the intents and configuration details of your network, end-to-end. By continuously checking the configurations of each of your network components and confirming the ability of your network to deliver the intentions of your software architects, security issues can be identified before they greatly affect production. NetBrain’s Intent-Based Automation, coupled with our adaptive monitoring technology, identifies configuration drift and compliance issues (often associated with security incidents) before they impact business objectives. Avoid compliance drift and inadvertently introducing vulnerabilities by automating regularly scheduled security checks across the entire network.

05 Improve Network Defense with Every Event