- Company (that provides the nominated product / solution / service): GuardiCore
- Website: http://guardicore.com
- Company size (employees): 61
- Product Version Number: v2.0
- Type of solution: Software
- Year this product or service was first introduced to the market: 2015
- Year the current version of this product or service has been released: 2016
- Approximate number of users worldwide: 25
In 3 bullets, summarize why this product or service deserves recognition:
• Our flagship product, the GuardiCore Centra Security Platform, is the only security product on the market today that provides a single, scalable platform that covers five critical capabilities for effective data center security: flow visualization, micro-segmentation, breach detection, automated analysis and response.
o Flow visualization provides automatic discovery and visibility into all applications and workloads in the data center - down to the process level. This allows IT teams to easily view and monitor communication flows inside the data center.
o Micro-segmentation policy allows IT and security teams to define granular security policies between processes and monitors those policies for variations and suspicious activity.
o Distributed and dynamic threat deception interrogates, records, and monitors active attacker sessions, detecting malicious behavior and providing insights on attacker methods and spread.
o Automatic analysis enables security teams to quickly prioritize security incidents requiring immediate response that would otherwise involve hours of human analysis using traditional tools and techniques
o Automated response allows for real-time attack isolation and remediation of infected systems, stopping an attack early in the kill chain.
• GuardiCore Centra supports virtually any data center environment – including physical (bare metal) servers, virtualized servers, SDNs, containers and public or private clouds - and is integrated with leading data center and cloud computing infrastructure technologies, including Software Defined Data Center controllers and orchestration components, network and server virtualization platforms, containers, network security and management. GuardiCore only requires the installation of a single, lightweight software component on host machines to monitor all traffic and perform other specific security functions. Core integration partners of GuardiCore include VMware, Cisco, Nuage Networks, Nutanix, AWS, Docker and Check Point Software.
In less than 300 words, summarize the most important features and benefits of this product or service
GuardiCore was founded with the vision that security for the data center must keep up with the rate of constant change while also closing the gap between traditional security technology and a sophisticated threat actor’s ingenuity.
Using deception as a security tactic is not new but implementing deception technology for real-time breach detection inside data centers at cloud scale is. GuardiCore enables this with these unique features as part of its Centra Security Platform: Dynamic Deception, Automated Analysis and Response, and Cloud Scale.
Dynamic Deception: Many deception solutions on the market use either static honeypots or breadcrumbs, strategically placed throughout the internal network. GuardiCore has a unique approach to covering all traffic and engaging all suspicious connections by listening to all traffic in the data center. Any attempt to access closed or blocked ports, as well as invalid IP addresses and invalid DNS queries, triggers GuardiCore to redirect requests into a dynamic, and isolated deception environment. Once redirected, GuardiCore’s engagement system is second to none, featuring real servers, not emulation, allowing the deception system to engage the attacker in a believable fashion with a robust decoy attack surface, while reducing attacker ability to fingerprint it.
Automated Analysis and Response: GuardiCore performs automatic and detailed analysis on all decoy sessions while recording, running analysis and presenting each confirmed breach as an actionable security incident. This is an important capability as GuardiCore reduces the detection time and includes a summary with detailed forensic data allowing administrators to immediately understand what happened, and how to quickly and easily prioritize for appropriate response.
Cloud Scale: GuardiCore was specifically designed to run in data centers and cloud environments, and purpose built to scale to high traffic rates of the most demanding data centers, with a small footprint that has little to no impact on performance.