Security-Threat Intelligence/Incident Response

Winner:

Cisco SecureX

With its recently launched SecureX platform, Cisco delivers enhanced security visibility using powerful analytics and automation—accelerating threat detection and response. The cloud-native platform enables broad visibility of security environments at a customer, while deploying analytics to improve the detection of policy violations and unknown threats. The offering also helps to make operations more efficient through the automation of typical security workflows, such as threat investigation and remediation. The Cisco SecureX platform has the capability to analyze data and events from more than 150 million endpoints—along with traffic from networking infrastructure, private data centers and the public cloud—to rapidly identify the targets of cyberattacks, ultimately enabling remediation measures.

Finalists:

Flashpoint Compromised Credentials Monitoring

Flashpoint’s Compromised Credentials Monitoring offering provides advanced monitoring for exposure of compromised credentials. The offering uses technology that rapidly collects and processes data and credentials and then enables organizations to access the most up-to-date breach data and receive notifications as soon as compromised credentials have been identified.

Fortinet FortiAI

Fortinet’s FortiAI on-premises appliance leverages self-learning deep neural networks to accelerate threat remediation. Key capabilities include a virtual security analyst that embeds advanced cybersecurity AI—developed by Fortinet’s FortiGuard Labs—directly into an organization’s network to deliver rapid detection of threats.

Sophos Managed Threat Response

Sophos Managed Threat Response integrates with the company’s protection capabilities to ensure security teams end up dealing with the most important alerts. The standard offering provides detection and response capabilities, while an advanced offering includes asset discovery and a dedicated threat response lead—as well as connectors to all the threat data coming from locations other than the endpoint.

Tenable.ot 3.7

Tenable.ot 3.7 identifies and prioritizes threats with capabilities such as 360-degree visibility into an organization’s attack surface; threat detection and mitigation via identifying policy violations, detecting anomalous behaviors and tracking signatures for potential high-risk events; and adaptive assessment that provides insight and situational awareness about infrastructure systems.

Watchguard Threat Detection and Response

WatchGuard Threat Detection and Response is a collection of advanced malware defense tools that correlate threat indicators from Firebox appliances and endpoint Host Sensors to stop known, unknown and evasive threats. One key component, ThreatSync, continuously collects and correlates threat event data, then analyzes it against threat intelligence feeds and assigns a rank based on threat severity.