Hillstone XDR Solution

iSource can integrate a wide variety of data across the full spectrum of the network, from endpoints to cloud. This data can include NetFlow, Sysmon, Syslogs, metadata, threat information and third-party logs, all of which are then standardized, correlated and analyzed to provide complete visibility and break down security information silos. It not only brings full security visibility with far fewer blind spots, but also improves detection accuracy by minimizing false positives.

iSource leverages information from third-party intelligence partners worldwide to provide additional input for the analysis engine to leverage and enable comprehensive vulnerability and risk management. Additionally, by integrating with third-party partners, iSource gains a very comprehensive signature database. Pairing this with machine-learning technology that Hillstone has been developing since the early 2010’s yields a very thorough correlation analysis engine that is capable of generating in-depth, concise, high-confidence logs in limited quantity. During this process, false positives and duplicates are additionally eliminated to further mitigate alarm fatigue for security teams.

If a remediation strategy has been configured, once a threat is identified, iSource will automatically execute the appropriate mitigation actions according to a predefined playbook. Templated playbooks are

created according to default templates provided by Hillstone Networks for common vulnerabilities. This option is especially helpful for hamstrung security teams, or enterprises that lack a team of skilled cybersecurity professionals.  Alternatively, the customizable playbooks can be user-defined and built from scratch, tailored for the user’s business needs. iSource includes the option of eliminating automatic implementation of mitigation strategies and leaving that step purely up to the discretion of the user. If playbooks are implemented, iSource will communicate recommended action steps back to the point security solutions and services that are fully integrated with iSource.

Hillstone’s iSource offers a customizable dashboard that allows simple access to the organization’s security posture with comprehensive statistical information such as rankings of threat events by criticality level, as well as incident summarization and security trends with graphical charts and lists. iSource also supports template-based or customizable reports that can be scheduled or generated on demand. Public APIs enable integration with third-party tools or security products to delineate the necessary remediation steps.