Network Traffic Analysis Receives ‘High’ Benefit Rating; Improves Ability to Spot Attacks with a Higher Degree of Certainty
MILPITAS, Calif., Aug. 18, 2017 – SS8, the network intelligence company, today announced it has been recognized as a sample vendor in Gartner’s “Hype Cycle for Threat-Facing Technologies, 2017” for the emerging category of Network Traffic Analysis (NTA).
In the report, Gartner analysts Jeremy D’Hoinne and Lawrence Orans emphasize, “Malware and other threats that have gone inside the network without being detected and have managed to infect the organization’s assets is a use case where enterprises experience long dwell times before noticing an intrusion and acting on it… Network traffic analysis improves the ability of security analysts to spot these attacks with a higher degree of certainty, facilitating a triage of events and prioritization of actions to be taken.”
“We agree the benefit rating for NTA is high,” said Tony Thompson, VP and general manager of threat detection for SS8 Networks. “Organizations are overwhelmed with complex user interfaces, security data and alerts, and the lack of resources makes it impossible to investigate every possible indicator of compromise. We believe SS8 stands out by providing simple-to-understand threat information that is device-centric, versus alert fatigue.”
The report adds, “NTA solutions, because they analyze internal traffic consisting of either lateral traffic (east-west), inbound/outbound traffic (north-south) or both, may be able to detect malware and other malicious activities as they spread through the network. However, the network traffic the attacker generates will be analyzed by NTA solutions, providing contextualized information to differentiate legitimate and abnormal activities. NTA vendors are heavily focused on workstation behavior analysis.”
SS8 BreachDetect uses a device-centric, recursive analytics model for network-based threat detection. Software sensors extract high-definition records (HDRs) from network communications, which are stored, analyzed and correlated with the latest threat intelligence. SS8 applies cloud-delivered analytics to continuously rewind the network and piece together behaviors that map to specific devices. The system simplifies the workflow with a color-coded, Kanban-style threat board that points directly to devices-of-interest and offers visualizations of the cyber kill chain for each device.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About SS8 Networks
SS8, the network intelligence company, provides solutions to help customers quickly identify, track and investigate suspects and devices of interest. By generating, storing and analyzing months, and even years, of high-definition records (HDRs) extracted from network packets, SS8 customers gain unprecedented intelligence for investigating what matters most. SS8 is trusted by six of the largest intelligence agencies, eight of the 14 largest communications providers and five of the largest systems integrators. Visit www.ss8.com or follow us on Twitter @SS8.
Gartner, Hype Cycle for Threat-Facing Technologies, 2017, Published: 17 July 2017 ID: G00313843, Greg Young