Securonix, Inc., a leader in Next-Gen SIEM, today unveiled Securonix Jupiter, the latest release of its cloud-native SIEM platform. New and enhanced features provide customers with the ability to detect and respond to advanced threats more quickly and accurately, deliver better time-to-value and user experiences for security analysts, and add flexible SaaS service options to optimize cost and performance. Securonix Jupiter is generally available now.
The Securonix Next-Gen SIEM platform combines security data lake (SDL), user and entity behavior analytics (UEBA), and security orchestration, automation, and response (SOAR) into a complete, end-to-end security operations platform. Built in the cloud, for the cloud, Securonix provides complete visibility and unlimited scalability with no infrastructure to manage.
“There’s no shortage of security-related data for modern organizations to leverage. As this data continues to grow exponentially, it’s incredibly challenging for security teams to scale and manage their security tools while still focusing on their main mission of combating threats,” said JP Cheenepalli, Director of Cybersecurity Engineering, AmerisourceBergen Corporation. “The new capabilities in Securonix’s Jupiter release, particularly data onboarding automation and content-as-a-service, will give our security team the ability to rapidly onboard new data feeds and stay ahead of attackers with up-to-date content services. We had exposure to some of the features of the Jupiter release as part of the beta testing and cannot wait for the GA version.”
Enhanced Threat Detection and Response
New enhancements and features provide security analysts and threat hunters access to advanced analytics to better detect emerging cloud threats, including:
- Content as a Service: Customers gain easy access to up-to-date content from the Securonix Threat Labs and Content team. This improves detection by giving organizations more access to, and control over, continuously updated content through the user interface.
- Autonomous Threat Hunting: When new threats like HAFNIUM start circulating, Securonix offers customers a free autonomous threat hunting service. When new threats are reported, Securonix’s services search across opted-in customer environments for indicators of compromise. If any are found, the customer is notified immediately and given guidance on next steps from the Threat Labs team.
- Intelligent Live Channel: Security analysts and threat hunters are now able to search on live, raw data to immediately detect active threats to their environments instead of waiting for data to be fully ingested by Securonix. This real-time access to the raw event fields allows them to search for active threats in the wild, without having to wait for analytics to process and surface concerns or troubleshoot data ingestion disruptions.
- Cloud Content 2.0: This delivers updated cloud monitoring and detection content. The new content is primarily around the MITRE Cloud Matrix tactics and techniques, which is especially important for cloud infrastructure environments with AWS, GCP, and Azure.
- Multi-Tenant Response: Multi-tenant response capabilities enable customers and managed service partners to respond to incidents faster across multi-tenant environments from a central point of action.
- On-Demand Case Creation: Security analysts can create new cases and attach associated evidence without starting from a specific entity or artifact, enabling faster, more flexible responses to potential security events.
- Community Collaboration: A new integration with the SIGMA framework enables customers to run SIGMA queries for search and hunt from the Securonix Spotter console.
Improved User Experience
New processes and capabilities are available to ensure that customers and partners enjoy the benefits of Securonix immediately, and security analysts can interact with the platform in meaningful ways. New and enhanced abilities include:
- Data Onboarding Automation: Securonix has introduced a new and refined data onboarding process that’s simplified into three steps: Auto Discovery, Auto Parsing, and Identity Enrichment. This improved process improves time to value by reducing manual steps to onboard data sources.
- Data Dictionary: A unified dictionary of labels to streamline search and increase consistency. This feature streamlines the mapping of attributes and correlation of information from data sources to eliminate confusion and increase reliability.
- Activity Monitor: This new capability unlocks visibility into the data ingested by Securonix on the device level. Activity Monitor helps customers reduce the time it takes to identify data ingestion issues and the dependency on the Securonix Operations team to investigate service disruptions.
SaaS Service Optimization
New SaaS service capabilities and deployment models provide customers the flexibility to choose the architecture that is best suited for their environment.
- Bring your own AWS: The new deployment model provides customers with the benefits of Securonix’s fully managed SaaS SIEM solution while allowing them to maintain ownership of their data. Securonix hosts the core SIEM application service on its AWS account, while the data ingestion, processing and storage are hosted on the customer’s AWS account.
- SaaS Service Enhancements: The enhancements include more data on-boarding options, flexible retention and search options, additional security features, and disaster recovery options – all aimed at providing customers the ability to choose the optimal solution for their needs.
“With the increased complexity of hybrid environments, security operations teams are spending way too much time configuring and managing security tools, rather than using them to improve their security posture,” said Tanuj Gulati, CTO, Securonix. “Our goal at Securonix is to empower security teams to work quicker and more efficiently, and our new Jupiter release is proof that we are executing on that promise. The new capabilities in Jupiter focus on three key outcomes for security teams – reducing mean time to respond with improved detection and response capabilities, improving analyst speed and efficiency through automation and better user experiences, and optimizing cost and performance with more innovative, cloud-native SaaS capabilities.”
To learn more about how Securonix helps security teams work more efficiently to better detect and respond to advanced threats in their environments, attend Securonix’s product launch event ‘To Jupiter and Beyond’, taking place on April 21, 2021: https://www.securonix.com/jupiter/
Securonix is redefining SIEM for today’s hybrid cloud, data-driven enterprise. Built on big data architecture, Securonix delivers SIEM, UEBA, SOAR, Security Data Lake, NTA and vertical-specific applications as a pure SaaS solution with unlimited scalability and no infrastructure cost. Securonix reduces noise and prioritizes high fidelity alerts with behavioral analytics technology that pioneered the UEBA category. To learn more, visit www.securonix.com or follow us on LinkedIn, Facebook and Twitter.