DEVOPSdigest

Morphisec announced integration with security incident and event management (SIEM) systems, providing enterprises increased efficacy handling and understanding of advanced cyberattacks stopped by Morphisec.

"With the threat landscape continuing to quickly and viciously evolve, it has become an imperative for enterprises to have a complete and immediate view into attempted attacks so they can more effectively secure their endpoints," said Netta Schmeidler, Morphisec VP of Product. "Morphisec prevents advanced in-memory attacks at endpoints. By integrating with leading SIEM systems, Morphisec is able to provide security operation teams with real-time insight including, never before available, critical attack behavior details of every advanced threat blocked."

Once an attempted attack occurs and is stopped by Morphisec's denial-of-attack functionality, the fingerprint and any required incidence response details are immediately sent to the SIEM system. Because Morphisec stops the attack deterministically – without false alarms and early in the kill chain before the malware had a chance to execute – enterprises are able to achieve a higher level of efficiency. Additionally, no logs need to be reviewed and no remediation is required, reducing the cost of SIEM operations while keeping enterprises one step ahead of attackers at all times.

According to Gartner's Magic Quadrant report on SIEM, the greatest area of unmet need is effective targeted attack and breach detection. Morphisec SIEM integration empowers SecOps teams to detect targeted threats in real-time, providing crucial context about attack technique and behavior. Moreover, Morphisec only logs real attacks, helping security personnel cut through the noise of false positives and irrelevant data so they can prioritize and respond more effectively.

Morphisec integrates seamlessly with the following SIEM products:

- McAfee Enterprise Security Manager
- HPE Security ArcSight ESM
- IBM Security QRadar
- Splunk Enterprise Security