Cisco is beefing up its Tetration data centre analytics platform with security tools that extend the platform’s reach into the cloud.
The company is giving the platform a revamp by adding new security tools that are designed to identify vulnerabilities and manage and analyse the behaviour of processes.
First launched in 2016, the Tetration analytics platform was intended to monitor and analyse data centres using machine learning in order to identify IT management issues. However, Cisco has been steadily expanding the cybersecurity capabilities of the platform so that it can better predict and advise on potential security threats. These additions now enable Tetration to detect behaviour patterns that differ from the norm, using its new addition of advanced baseline deviation monitoring.
Vulnerabilities are detected by comparing a workload’s behaviour to Talos, Cisco’s threat intelligence platform, as well as the Common Vulnerabilities and Exposure (CVE) database. Using this data, Tetration is able to identify servers that have software packages with known CVEs. It provides a scorecard that ranks the severity of specific vulnerabilities and identifies all servers that may be affected.
It also monitors applications to create a baseline view of their normal behaviour, generating an alert if it detects any behaviour patterns that deviate from that baseline.
The attraction of this approach is that IT departments are increasingly focusing their efforts on detection rather than simply trying to strengthen the network perimeter. The challenge is discovering where malware resides and then containing whatever damage is being inflicted. Alongside this is the requirement to identify the vulnerabilities that are most commonly exploited by cybercriminals.
Yogesh Kaushik, senior director for Tetration at Cisco, put it neatly when he said, “You can’t protect what you can’t see. The Tetration visibility engine spans the hybrid cloud environment, knows what’s running on these workloads and what files it is touching.”
Cisco Business Development Manager