Threat Detection Analytics (TDA)
PUBLICATION OVERVIEW
By constantly analyzing suspicious code and by identifying communications with malicious hosts, threat detection analytics (TDA) products can detect threats ranging from commodity malware to targeted attacks from state-sponsored threat actors that are expressly designed to bypass traditional defenses.
TDA products extend the capabilities of traditional breach detection systems by applying advanced analysis algorithms to identify whether exfiltration has occurred and, if so, to determine the root cause. This technology helps to accelerate the response workflow and improve incident outcomes. Incident responders are uniquely able to address attacks in progress and help organizations avoid grievous data loss or damage if they learn of incidents early enough in the attack chain. TDA products will evaluate and provide metrics on some of the challenges that enterprises have reported, so that incident resolution workflows can be accelerated.