Hillstone’s flagship XDR solution, iSource, has achieved many breakthroughs in its V2.9 release, including enhancements in asset discovery and management, threat detection and analysis, and security orchestration and response. Let’s reveal these new features.
Cleaning out your asset closet in more flexible ways
When managing assets within a network, it is ideal to only include necessary assets in the list, those that are active and don’t impact system performance. To address this, iSource V2.9 introduces an automatic off-load mechanism, removing “retired” assets from the list within the specified area to eliminate interference and improve management efficiency. In terms of asset discovery, the new version provides a rapid scan mode, helping you gain a holistic view of assets in a short time.
Connecting islands into continents with more powerful engines
“No man is an island,” with attacks increasing in sophistication, isolated events may indicate a more significant one – iSource V2.9’s log-based and event-based engines aim to resolve this. Unlike original traffic-based engines, they focus on the inherent correlation between multiple syslogs or events at a higher level to identify potential threats and implement proactive defenses, allowing for a more comprehensive SecOps solution.
Going beneath the surface with more advanced tools
The best way to manage exposure, reduce risk and vulnerability is to understand your attack surface through the eyes of an attacker. In this version, detected threats will be mapped to the MITRE ATT&CK® framework, enabling adequate analysis of attack techniques, from which users can develop more targeted response strategies. Additionally, iSource V2.9 supports aggregation of threats from various perspectives, such as attackers and victims, improving overall awareness of the security posture.
Diving into automated response with smarter playbooks
Playbooks standardize response and reporting procedures; therefore efficient orchestration of playbooks has always been our pursuit. In this version, we fully polish the process of responding to threats, from triggering to execution, decision, and feedback. Moreover, we add a re-execution feature for the case when actions defined in the playbook have not been executed first, ensuring response coverage as well as helping simplify and automate security operations.
Hillstone iSource V2.9 streamlines security processes, connects different security tools and technologies, and maintains the right balance of machine-powered automation and human intervention, arming security professionals to better protect their organization’s critical network. For more information, contact your Hillstone representative or authorized reseller.