Guardicore

What’s New with Centra™ 2.0 Build 15

What’s New with Centra™ 2.0 Build 15

Two weeks ago we released the latest version of our flagship product Centra. For those of you who were unable to review the upgrade yet, here’s a short list of what it came with:

Micro Segmentation with Reveal

We added some awesome enhancements to Reveal, our process level visibility solution. We now support application level segmentation and provide the ability to define granular policies between processes and then detect those policies for variations and suspicious activity. We don’t just keep these variations to ourselves, but can also report them in real time to 3rd party SIEM/SOC for further investigation.
What’s in it for you:

  • Deploying sensitive application servers in the dc (think databases for example)? You can now make sure that only specific client applications can access them. We identify applications based on the actual image that runs.
  • Automatically deploying new apps or micro-services? With Reveal’s tight policy creation you can make sure that they’re being used as you’ve wanted, avoiding (malicious) surprises.
  • Compliance requirements? Make sure your applications are compliant by validating that their expected traffic sources and destinations match requirements. 

Read more (with some cool screenshots) in this post.

Process Level Agentless visibility
Leverage Guardicore inherent capabilities to create a quick, out of the box visibility map of your data center communications. Installation is super simple, no need to install agents in the VMs themselves and you’ll still be able to get visibility down to the process level. This capability is unique to Guardicore Centra.
What’s in it for you:

You will be able to benefit from full visibility maps of your data center communications immediately after you deploy Guardicore Centra™ in your environment. 

Smart Inspection  
Smart Inspection is now Centra’s default operation mode. Heuristic filters on the network traffic guarantee that only suspicious connections are redirected to Centra’s deception engine.This means that ‘innocent’ failed connections such as multiple connections coming from the same IP, connections generated by misconfigured machines or connections made to a misconfigured destination are not detected.
What’s in it for you:
Protect larger data centers with less resources!

Group Similar Incidents Together
Our amazing team of data scientists has developed machine learning algorithms for automatic classification of attacks. Data centers are constantly attacked and while there seem to be repeating patterns across attacks, the same attack may differ slightly from instance to instance and still be considered the same attack.
What’s in it for you:

  • What you achieve is an at-a-glance view of ALL security incidents detected by Centra with incident clutter significantly reduced.
  • Each incident is now associated to a group containing similar incidents.
  • Per each group you can dive in to read more about its associated incidents along with the incident’s full context including affected assets, session recording, screenshots, credentials used in the attack and more.

Enhanced Mitigation Based on New Indications of Compromise (IoCs)
We added multiple Indications of compromise (IoCs) that allow us to provide enhanced mitigation for different types of incidents. Our IoCs are exportable over STIX and can be customized to the customer’s data center environment.
What’s in it for you:

Strengthen your entire data center with new customizable mitigations.

We also offer partnerships. Read our post about it.

From Guardicore's
Resource Center

Managed threat hunting delivered by Guardicore Labs
Synchronize and automate security across your entire network.
 

Subscribe To Our Newsletter

No spam, we promise. We’re only going to send you insights on how to reduce risk in your data center and clouds.

See Centra in Action

Reduce your attack surface and prevent lateral movement with fast and simple segmentation that works everywhere.

See Guardicore Centra in Action

Schedule a demo customized to your specific security needs