Security / January 22, 2019

EMA Names Gigamon Insight One of the Most Innovative Vendor Solutions for Threat Detection and Incident Investigation

After watching tools with massive time and monetary budgets behind them repeatedly crumble under the weight of performing, at scale, over network data, Gigamon Insight (previously known as ICEBRG) was created to provide that previously unseen, but required, broad coverage network-monitoring capability. Built by a mission-first team with years of experience in the information security space, Gigamon Insight provides the network-level visibility and capability that world class detection and incident response teams rely on.

David Monahan at Enterprise Management Associates (EMA) conducted in-depth research across 32 vendors and assessed them against key security analytics use cases. We are honored that, from this research, EMA named Gigamon one of the top vendor solutions for Enhancing Incident Investigation and Identifying Advanced Threats by providing organizations the ability to detect, hunt and investigate security threats, enabling fast and effective responses to mitigate the potential impact of security breaches.

Enhanced Incident Investigation

According to Gartner, “The key success in an investigation is quick access to data and consistent visibility across your enterprise network.”

With those requirements in mind, how does Gigamon Insight stack up? Exceedingly well, it turns out. Insight helps by providing:

  • Greater visibility through raw and enriched network metadata gathered across physical, virtual and cloud networks, which empowers teams by helping them understand what is happening in their network in one cohesive platform
  • Network metadata through a scalable and responsive platform that can track assets, user and file activity traversing the network, which assists analysts in investigating threats and quickly perform root-cause analysis
  • More complete and efficient threat investigations through real-time access to current and historical network activity information

Identifying Advanced Threats

Gartner also says that “Advanced threats are simply those better designed to hide, disguise themselves and execute in a stealthy manner. Leaving as little a footprint as possible and try to obfuscate their network presence.” Being able to detect these threats largely relies on the availability and quick access to large amounts of data.

Insight provides detection capabilities to detect these threats through:

  • High-confidence detection of threat activity with relevant alert context to help analysts focus on actual threats and minimize alert fatigue
  • Gigamon Applied Threat Research (ATR), which builds leading-edge detection and investigation capabilities leveraging the vast Insight network of telemetry and intelligence dataset included as part of the Insight SaaS

If you are ready to hear more or see Insight in action, request a personalized demo. Or, learn more about these use cases by downloading Security Analytics for Threat Detection and Breach Resolution in 2019.

Back to top