Gigamon Deep Observability Pipeline

Supercharge your observability tools with actionable network-level intelligence to realize the transformational promise of the cloud.

LEARN MORE

CLOUD VISIBILITY

DATA CENTER VISIBILITY

NETWORK SECURITY

TRAFFIC INTELLIGENCE

From the Core to the Cloud, See it All

Simplify, secure and scale your hybrid cloud infrastructure to accelerate digital innovation.

CLOUD VISIBILITY

DATA CENTER VISIBILITY

NETWORK SECURITY

INDUSTRY

A Thriving Partner Ecosystem

Gigamon reseller and integration partners design, implement and optimize best-of-breed and validated joint solutions.

FIND A PARTNER

NOT A PARTNER?

ALREADY A PARTNER?

Proven Support and Services

Our global support team is committed to creating experiences of unmatched quality, scalability and efficiency.

OVERVIEW

GET SUPPORT

VÜE COMMUNITY

voice of the customer

Gigamon serves the world's more demanding enterprises and public sector agencies, enabling them to harness actionable network-level intelligence to amplify the power of their cloud, security and observability tools.

CUSTOMERS

cegedim

Cegedim.cloud

Improves cloud infrastructure and visibility

 

Five9

Five9

Delivers Cloud-Powered Contact Center Excellence

DoD

Department of Defense

Confidently feeds different tool sets in the physical and virtual world.

 

Resource Library

Your one-stop hub to explore content resources and stay current on the latest in how to amplify the power of your cloud, security and observability tools.

RESOURCES

def-guide

Achieve Hybrid Cloud Observability

Strengthen visibility and security.

deep observability

Observability is Key to Transformation

Unleash cloud potential with deep observability.

ebook

Deep Observability eBook

Take your security and observability tools to a whole new level.

WHY GIGAMON

Gigamon offers an advanced deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of your cloud, security and observability tools.

LEARN MORE

IN THE NEWS

COMPANY INFORMATION

Deep Observability

Unseen Threats Can Lurk in Your Midst

Deep observability exposes previously unseen threats.

GPTW

Join the Team

Become a part of the OneGigamon team. Search for your next opportunity.

SHARE
Security / January 21, 2021

ThreatINSIGHT 3.3 Enabling Discovery of Hidden Threats and Rapid Investigations

Jason Tesarz Jason Tesarz  

A pillar of the Gigamon ThreatINSIGHT™ and Applied Threat Research (ATR) team is to continue to innovate and expand the product’s capacity to dismantle an adversary’s ability to impact our customers. We focus on machine-learning (ML) detection techniques that identify threat actors’ behaviors that would otherwise go unidentified and apply our experience as former practitioners to augment the product with capabilities to speed investigations.

In 2021, we are focusing on ensuring ThreatINSIGHT also works with and enhances our customers’ other technologies, with integrations with third-party threat intelligence and endpoint detection and response (EDR) vendors.

What’s New

High-fidelity behavioral-based detection: ThreatINSIGHT 3.3 includes new ML-based identification of NTLM credential abuse as part of an actor’s lateral movement. ATR has also designed new data exfiltration analytics observations to bring focus to potential malicious behavior.

Rapid, informed response: ThreatINSIGHT is excited to announce Meta Stream, allowing enterprises to export and retain ThreatINSIGHT metadata indefinitely in their own data repository. This will enable indefinite extended investigations beyond 30 days and support customer audit requirements. ThreatINSIGHT 3.3 also is extending the Tagging functionality of the product so that events are now enriched with annotations as they are ingested and will provide greater context for responders. Annotations include automatic tagging of applications, environments, location, owner and roles to increase the information presented to security teams so they can make informed decisions quicker.

Integrations: Customers who have licensed CrowdStrike, Proofpoint, ThreatConnect or Recorded Future threat intelligence feeds now can automatically analyze their network traffic in real time for threat intel matches using ThreatINSIGHT, speeding detections and enhancing context during investigation efforts. This powerful application for threat intelligence feeds increases the value of both ThreatINSIGHT and the threat intelligence purchase for our joint customers.

Gigamon ThreatINSIGHT customers can read the 3.3 release notes in the help section of the web portal.

Featured Webinars
Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s Security group.

Share your thoughts today

  • © Gigamon 2024
Back to top