Automated mitigation on endpoint devices and networks can be tricky

Many companies have automated systems in place for preventing, detecting, and investigating security incidents, but automating the incident response and mitigation process for networks and endpoint devices has been a tougher nut to crack.

That includes actions such as automatically re-imaging endpoint devices, isolating devices from corporate networks, or shutting down particular network processes in order to quickly and efficiently respond to attacks.

“I think there’s a lot of potential,” said Joseph Blankenship, analyst at Forrester Research. “We’re definitely in a period of discovery, though, and that has to take place before we’re going to see widespread, mainstream adoption.”

To read this article in full or to leave a comment, please click here

from CSO Online Data Protection http://www.csoonline.com/article/3193036/security/automated-mitigation-on-endpoint-devices-and-networks-can-be-tricky.html#tk.rss_dataprotection

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s