View
Sorting
From A to Z
Products found: 3
Leidos Arena Insider Threat Identification
PROTECT YOUR BUSINESS WITH ARENA INSIDER THREAT IDENTIFICATION (ITI)
Traditionally, organizations believe that network monitoring tools were sufficient to detect an insider threat. But network monitoring only captures the individuals’ virtual data or digital trail – what systems an individual accesses, when they view and download files, send emails, access the web, and log on and off the corporate network. Many times these activities are not found early enough or simply not identified at all.WHY INVEST IN AN INSIDER RISK SOLUTION?
- Protect critical assets and prevent loss of intellectual and proprietary property, confidential data or customer information
- Ensure regulatory compliance, specifically for those in the defense industrial base, financial, and healthcare industries
- Avoid immediate or future loss of revenue
- Maintain customer and shareholder confidence
- Avert critical system or service availability disruption
- Prevent overall harm to an organization’s brand image and reputation
- Deter potential insiders
- Continuously ingesting intelligence from disparate company data sources
- Aggregating data through predefined models and scoring
- Drilling down for advanced analysis and further investigation
THE ARENA ITI ADVANTAGE
- Integrates existing enterprise data with behavioral models, and continually analyzes the data for indicators that an individual may be putting the company at risk
- Proactively alerts your team of at-risk individuals to protect the organization
- Combines an individual’s cyber footprint with non-cyber behavioral data for an accurate risk profile
- Gives analysts the ability to evaluate relationships between all data sets through a built-in link analysis tool
- Provides an easy-to-use interface and threat modeling capability customized to your specific industry, organization, and employee demographics
Delivers multi-dimensional views of data, in a variety of graphical and statistical outputs, easily assessed in minutes
-
-
ROI-
-
10
2
Leidos Cyber Industrial Defender ASM
INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT
Industrial Defender ASM is a management platform designed to address the overlapping requirements of cybersecurity, compliance, and change management for Industrial Control Systems (ICS). A “single pane of glass” that provides asset visibility, tracking, configuration, policy control, and reporting for industrial endpoints from multiple vendors.
APPLICATION FEATURES
Industrial Defender ASM includes an active dashboard and application feature sets. The Industrial Defender ASM active dashboard provides a tabbed interface for easy access to key information about assets, security, operations, and compliance. These tabs provide visibility to top level asset data, security event trends, operational controls, and system-wide compliance.
INDUSTRIAL DEFENDER ASM BENEFITS
Asset Management
Asset management features provide a fully automated solution to discover, track and report on hundreds and thousands of assets across your ICS footprint. Configuration & Change Management
Configuration and change management features provide a robust set of tools and reports that leverage asset management baselines to search, alert, manage, and control asset configurations.
Security Event Monitoring
Security event monitoring features provide actionable intelligence from your control system. These features consolidate, track, triage, and trend events in your ICS base using user-selectable time periods including hourly, daily, weekly, and monthly.
Policy Management
Policy management features automate the enforcement of compliance across your control systems asset base. As a vendor-agnostic solution, policies can be easily created and applied to multiple asset types, saving time, cost, and reducing duplication of effort. In addition to user-created policies, Industrial Defender ASM includes standard policies for NERC-CIP v3 and v5, Nuclear Energy Institute (NEI) 08-09 cybersecurity standards, and NIST SP 800-82. Report Management Report management features (Figure 7) eliminate the laborious manual task of data collection and report generation, providing a suite of standard reports, including NERC-CIP V3 and V5 reporting packages and a wide range of reports encompassing assets, configuration, firewalls, policy, software and patches, and users. Report subscriptions can be configured for non-privileged users, allowing them to receive reports via many alternative methods, ensuring the delivery of the most current information to those who need it most. Workflow Automation Work Automation Suite (Figure 8) is an optional feature set that integrates document management and reporting as part of a structured workflow enabling ICS professionals to streamline and eliminate the manual processes associated with change management.
- Gain a consolidated view into your ICS asset base at a single site and across your fleet to monitor trends, manage events and investigate anomalies
- Improve accuracy and efficiency of compliance reporting with automated data collection and archival of artifacts relevant to regulatory requirements
- Reduce cybersecurity risks with automated asset configuration collection, enabling you to perform on-demand vulnerability management
- Increase visibility into systems performance including application and process failures, registry and file changes
- Improve situational awareness and reduce total cost of ownership with multiple application feature sets on a single platform
Asset Management
Asset management features provide a fully automated solution to discover, track and report on hundreds and thousands of assets across your ICS footprint. Configuration & Change Management
Configuration and change management features provide a robust set of tools and reports that leverage asset management baselines to search, alert, manage, and control asset configurations.
Security Event Monitoring
Security event monitoring features provide actionable intelligence from your control system. These features consolidate, track, triage, and trend events in your ICS base using user-selectable time periods including hourly, daily, weekly, and monthly.
Policy Management
Policy management features automate the enforcement of compliance across your control systems asset base. As a vendor-agnostic solution, policies can be easily created and applied to multiple asset types, saving time, cost, and reducing duplication of effort. In addition to user-created policies, Industrial Defender ASM includes standard policies for NERC-CIP v3 and v5, Nuclear Energy Institute (NEI) 08-09 cybersecurity standards, and NIST SP 800-82. Report Management Report management features (Figure 7) eliminate the laborious manual task of data collection and report generation, providing a suite of standard reports, including NERC-CIP V3 and V5 reporting packages and a wide range of reports encompassing assets, configuration, firewalls, policy, software and patches, and users. Report subscriptions can be configured for non-privileged users, allowing them to receive reports via many alternative methods, ensuring the delivery of the most current information to those who need it most. Workflow Automation Work Automation Suite (Figure 8) is an optional feature set that integrates document management and reporting as part of a structured workflow enabling ICS professionals to streamline and eliminate the manual processes associated with change management.
Leidos Cyber Palisade
Palisade is a knowledge management and analyst workflow platform that provides the technical foundation for an integrated, intelligence-driven approach to cybersecurity.
The platform enables cyber analysts to collect intelligence about their adversaries’ activities and correlate trends that help to identify motives and tactics. Armed with such intelligence, analysts are better able to defend their network.
Intelligence is organized within the analytic framework of the Cyber Kill Chain, a seven step cyber threat model used to detect a persistent adversary, analyze their attack progress and develop actionable intelligence. The framework provides an analyst with the needed context to proactively mitigate threats before an incident occurs.
Built by analysts for analysts – Palisade offers advanced cyber intelligence management capabilities:
- Correlation and alerting
- Flexible intelligence ingest and export
- Incident and investigation tracking
- Indicator and mitigation management
- Analyst collaboration
- Campaign and adversary profiling
- Intelligence Driven Defense workflow and reporting