The RedSeal 6 Platform is a security risk management solution that provides continuous monitoring of the access paths within both corporate and government network environments
In order to support the ever increasing IT workload, new platforms are emerging as a means to help mitigate complexity and reduce the overall risk. Every day, RedSeal gathers the configurations of all the network devices: firewalls, routers, mobile device controllers and load balancers, building a virtual model of your network by analyzing how the rules on all of these devices work together to defend business assets. In turn, it can validate these access configurations against governmental and industry-driven regulations as well as internally defined security policies.
One of the main reasons why breaches continue to happen is that it is very difficult to visualize and maintain an accurate and common view of the network across networks and security operations teams.
RedSeal 6 allows organizations to:
- Pinpoint weaknesses and risk through complete end-to-end network visibility including mobile networks, with support for all network device and security software vendor solutions via a comprehensive partner ecosystem.
- Improve productivity with automated, exposure-based remediation prioritization to mitigate cyber risk.
- Maximize efficacy of existing security investments with predictive threat modeling and metrics for in-depth assurance and situational awareness.
-
Cut compliance costs with automated continuous audit and control monitoring of the entire network device infrastructure.
Supplement Existing Network Infrastructure
RedSeal delivers the industry’s most powerful network and security operational insights using patented network visualization and predictive threat modeling. The RedSeal 6 platform supplements traditional and next generation network infrastructure SIEM systems, and GRC platforms.
SIEM Integration
Security and Information Event Management systems (SIEM) have emerged to become the defacto standard in Enterprise networks to correlate and normalize reactive, incident-based events from disparate security devices and applications. While they do perform this task well, they often lack awareness of the network topology and network device infrastructure that is critical to prioritizing remediation efforts. Without having knowledge and insight into the underlying network and placing of compensating controls, network and security operations can struggle to decide which issues to address first.
RedSeal Networks combines network infrastructure access violations to policy, best practice violations and topology aware vulnerability prioritization data with security event information. The events can be sent directly into an SEIM system using proprietary communication formats or via Syslog enabled alerts. The RedSeal data provides increased granularity for incident prioritization based network device or host system location, severity of violation, in addition to whether or not the host is shielded by a compensating control, such as a firewall.
RedSeal supports many of the leading SIEM and security platforms, including HP ArcSight
and McAfee ePO.