HYAS Confront uses domain and proprietary machine learning expertise to track and detect anomalies in production networks and improve the visibility of applications moved to the cloud.
The security solution that cybersecurity company HYAS Infosec will soon launch specifically targets production networks. Called HYAS Confront, the software, equipped with threat detection and response capabilities, continuously monitors traffic to detect anomalies and reduce risk. Its purpose: to solve security problems that can affect cloud -based production networks, networks that the supplier describes as “the underlying infrastructure of enterprise applications that faces externally and generates revenue.” “HYAS is committed to providing our customers with the solutions they need to ensure the stability, continuity and risk management of their business,” said David Ratner, CEO of HYAS. HYAS Confront “has proven itself in live deployments to several customers and will be available generally in June,” said the CEO of the Canadian publisher.
A supervised learning model
HYAS Confront records all internal machine-to-machine communications in the production network as well as outgoing communications from the network. From this information, HYAS analyzes communication destinations, traffic patterns and related data to highlight any anomalies. “Ongoing evaluation, combined with human intervention, allows HYAS to determine the base of operations that will serve as a baseline for future anomaly detection,” Ratner explains. Confront then uses “advanced threat assessment and machine learning” to continuously monitor anomalies and unusual activity that deviate from pre -established patterns. “Typical” operations can be compared to “labels” in supervised machine learning models, which use training data that helps the model identify and record typical contexts, then address and validate the data. test.
Confront features so-called passive deployment capacity, with continuous and proactive monitoring of problems, without affecting availability, performance or latency. Confront also claims several important benefits, including integrations with existing security components, better network cleanliness, instant deployment, and real-time insights. “This addition to HYAS Infosec’s robust suite of security solutions is exciting,” said Gary McAlum, Principal Analyst at TAG Cyber. “This monitoring focused on the company’s production network, in addition to the surrounding infrastructure, is very innovative,” he added. “But Confront’s unique approach also presents challenges,” the analyst said. “With this passive mode of operation, it will be difficult, but not impossible, to prove the value of risk reduction in the production network without affecting performance or injecting latency,” McAlum pointed out. “Another challenge relates to responding to the incident: if a threat is reported to the production network, careful investigation is required to take appropriate action and avoid a negative impact on business operations.”
An additional layer of security?
Another challenge for Confront is navigating a complex and overlapping security ecosystem, where enterprise security teams already have multiple security tools and capabilities to manage. “HYAS needs to clearly articulate operational ROI by adding another layer to a scattered security stack. But if the vendor can show that its solution can replace some existing tools without affecting operational efficiency, it can get the support of security managers, ”Gary McAlum added.