REACT™ – Predictive security intelligence platform

REACT™: Predictive and proactive behavioral analysis strengthens your defenses

Leverage the cooperative ability of cloud and your existing security solutions to provide 360° visibility

REACT (Realtime Event & Access Correlation Technology) is a game-changing security intelligence platform which collects data from virtually any infrastructure security product and application, analyzes that data for behavioral anomalies, applies and enforces organizational security policies and secures the data in real time.

A unique, analytical solution ties together info from identities, access rights, user activities, app usage, network events & other security sources to find patterns of behavior and expose threats which go unnoticed.

But, more than sounding alerts, this unified and modular blend of security expands the current generation of enterprise protection to better qualify, verify, decide and act on each incident. It is a unique and highly diverse offering for the security-space:

reactprocess

REACT consolidates all your security products, databases, directory and other sources to correlate all your silos of data.

The true and unique value of REACT is it works with existing security tool investments and can add the necessary solutions to close the circle. So, if an organization already has an investment (for example Identity Management), REACT leverages the investment with the other modules.It is not a collection of individual solutions and functions, BUT rather a comprehensive forensic interpolation of all the data across the enterprise to gain a truly holistic security vantage point..

Detect and prevent anomalous behavior based on discovered patterns

React_ID_Corr1

REACT proactively collects information, builds patterns of behavior, analyzes patterns of behavior based on machine learning and artificial intelligence, and compares these complex patterns at any point in time with the historical patterns across multiple of dimensions of interest to identify the anomalous behavior.

Modular and easy to deploy

Need to add a SIEM solution; SSO or identify management? CloudAccess’ REACT can provide any of the missing pieces to your security arsenal. Learn more about



Overview

Control. Analyze. Enforce. Secure.
REACT allows you to transform your current enterprise security from reactive review to proactive defense without an invasive culture change or the expenditure of key security resources. We make the ability to recognize and prevent threats easier by deploying a more versatile, scalable program that enhances end-to-end visibility, offers further reaching security intelligence and centralizes management resources. Its roots are as a cloud security solution, but its true reach and effectiveness extends to on-premise and other legacy assets.

Control: Creates a “single pane of glass” to better manage and contain a variety of access points, identity sources and device types. Promotes a single unified view, but more importantly connects the disparate silos to better maintain security.

Analyze: Integrate data from identities, access, activity, apps, audit logs, geo-location and NetSec events to create a more comprehensive
and layered determination of suspect behavior patterns.

Enforce: Policies applied in real time across devices, users and applications based on organizational standards.

Secure: Integrated, unified and layered detection and protection that proactively prevents leaks, loss, and abuse and supports compliance.

.

Benefits

ALWAYS KNOW WHO WHAT WHERE WHEN AND HOW:

REACT is more than the sum of its parts. It integrates various security tools such as SIEM, Log Management, Identity and Access Management to think and work together. In most cases, events, activities, application usage and identities are analyzed separately creating gaps in knowledge. REACT is the engine to correlate the combined intelligence collected by these individual tools. It takes these individual silos of data and finds suspicious patterns of activity that might otherwise fall through the cracks.

.

Moving Beyond SIEM

Understanding patterns is more effective than looking at events

REACT is not SIEM—although it leverages SIEM’s powerful correlation and event management engine.

READ OUR PAPER: REACT-Moving Beyond SIEM

The power of CloudAccess REACT is in how it can extend both your security team and your SIEM. With SIEM doing its job, capturing and forwarding event data from across an enterprise, REACT turns this data into action, responding to threats, threats updating an audit trail, and reducing the amount of repetitive, time-consuming work with which your team must contend.

While SIEM can capture and normalize threat data, its ability to provide instantaneous responses through intelligent automation is significantly limited. In most organizations, the job of sorting through this data belongs to security admins and their favorite battery of shell scripts. The challenge here is that as the number of correlation rules increase in volume and complexity, your analyst’s ability to manage the work suffers.

CloudAccess REACT leverages and enhances Processes, Policies, Procedures, Tools and People to reduce the amount of exposure most network, systems and applications face. REACT can reduce the time to identify threats and reduce the amount of time it takes any team to remediate or take active defense against a these threats because it doesn’t look at isolated events, but rather larger patterns of behavior.

When working with patterns, you don’t look at events in isolation, but rather holistically and in real-time. This solves the false positive frequency issue as well as allows for true situational awareness and baselining predictable activity across multiple security silos and multiple processes.

REACT provides the orchestration and process automation capability to reduce the volume of incidents that IT teams face. Regular and repeatable incidents that typically require the attention of a security team can be remediated automatically, or in stages with human guiding the responses via REACT different flavors of automation.

 

Integrated Suite

Every component of the award-winning CloudAccess REACT™ platform provides enterprise class capabilities and features that are designed to address the most demanding and challenging requirements. CloudAccess offers a modular but integrated suite of products including Identity Management, Access Management, Single Sign On for SaaS, Web and Desktop applications, Security Information and Event Management (SIEM), and Log Management.

Each product of this comprehensive integrated stack can be acquired separately or as part of the entire suite. Designed for scalability and high-performance, each product in the platform provides enterprise level functionality based on industry standards. If you have already invested in one or more of these security tools, REACT™ can still integrate their data for improved visibility. It’s inherent flexibility allows companies to incorporate what they already have or can seamlessly add any missing security tools to their arsenal. CloudAccess offers several modular cloud-based options to complete the REACT™ landscape.

THE MODULES THAT COMPRISE/INTEGRATED INTO THE REACT SUITE

SIEMLOG_ICON2015SIEM/LOG: Continuous network monitoring and threat alerts

  • IPS/IDS/HIDS
  • 7/24/365 monitoring
  • Vulnerability & risk reporting
  • Anomalous activity alerts
  • Forensic analysis, compliance
  • Rule-based correlation
  • IT asset discovery and mgmt.
  • Network protocol analysis.

IAM_ICON2015IDENTITY MANAGEMENT: Provisioning and managing users

  • Password Management
  • Role-based access control
  • Directory infrastructure
  • Audit compliance features
  • Provisioning/de-provisioning
  • Manage multiple identities for each user
  • User self-service
  • Secure enterprise data.

SSO_ICON2015SINGLE SIGN ON: Providing secure and centralized access to applications

  • SaaS, Web and/or Desktop SSO
  • Role-based access control
  • Centralized enterprise access control
  • SaaS and Web audit reporting
  • Support for legacy applications
  • Entitlement management
  • Federation and cloud
  • Authenticates users from IDM
  • BYOD/mobile support

    SEE            READ            TRY       

Read more about REACT