NetWitness Corporation
Company: NetWitness Corporation
Company Description: NetWitness provides a revolutionary network monitoring platform offering a precise and actionable understanding of everything happening on the network. NetWitness solves a wide range of tough information security problems including: insider threats, zero-day exploits and targeted malware, advanced persistent threats, fraud, espionage, data leakage, and continuous monitoring of security controls.
Nomination Category: New Product Awards & Product Management Categories
Nomination Sub Category: New Product or Service of the Year - Computer Software - New Server Software
Nomination Title: NetWitness Spectrum
Tell the story about this nominated product or service (up to 500 words). Describe its function, features, benefits, and sales to date. You may include hyperlinks to product photos and data sheets. IMPORTANT: Begin each link with http://, and enclose each link in square brackets; for example, [http://www.youraddress.com]:
Since its founding in 2006 and original work in the US Intelligence community, NetWitness has come to represent the gold standard in real-time network analysis and visibility and automated threat intelligence, and owns a market sector into which vendors large and small are rapidly converging. The company’s technologies are deployed across the Global 1000, including 75% of Federal Agencies and 5 of the Fortune 10. In 2010, the company was recognized as the #21 fastest growing privately held company in the US, the #1 fastest growing in the DC area and the #1 fastest growing software company in the Inc. 500.
In early 2011, NetWitness, broke from a status quo in computer security that was
both deeply entrenched and long obsolete due to decades of malware evolution and
corporate denial. In January 2011, the company announced NetWitness Spectrum, a
revolutionary approach to automating malware analysis that replicates the
knowledge, process, and workflow of world-class malware analysts to enable the
identification of advanced and zero-day malware.
With nearly 100,000 new malware samples discovered each day, the ability for
criminal elements to quickly adapt their approach has rendered
signature-dependant malware defenses obsolete. It has also severely challenged
the efficacy of some newer approaches that ultimately still derive from similar
design principles, focusing on well understood behaviors and assumptions
associated with malware to look exclusively for what is “bad.” This approach
leaves a world of activity with little scrutiny – a reality
that malicious actors both depend on, and exploit to great success.
Spectrum takes a decidedly different approach. Instead of searching for the
needle in the haystack, it deconstructs the haystack until all that is left is
the needle – and in many cases, multiple needles. Built upon the unmatched
ability for full packet capture and session recreation/analysis inherent in the
NetWitness NextGen platform, Spectrum changes the malware analysis game – and
ultimately the market – in four major ways:
• Mimics the techniques of hundreds of leading malware analysts by asking
thousands of questions about an object and all of its related network behavior,
without requiring a signature or a known “bad” action.
• Leverages NetWitness Live intelligence service by fusing and triangulating
information from leading threat intelligence and reputation sources to assess,
score, and prioritize risks.
• Utilizes NetWitness NextGen’s pervasive network monitoring capability for full
network visibility and extraction of all content – executable and metadata –
across all protocols and applications.
• Provides transparency and efficiency to malware analytic processes by
delivering complete answers to security professionals, including a wealth of
detailed supporting data, such as: intelligence fusion, sandboxing, correlation,
and scoring options that are designed for diverse environments and rapidly
evolving threats.
List hyperlinks to any online news stories, press releases, product reviews, or other documents that support the claims made in the section above. IMPORTANT: Begin each link with http://, and enclose each link in square brackets; for example, [http://www.youraddress.com]:
http://www.netwitness.com/products-services/spectrum Product Page
http://goo.gl/KpwTs Press Release
http://goo.gl/DtUUI NetWitness Growth
http://goo.gl/BwVvq Vendors to Keep an Eye On
http://goo.gl/njR5C Link to Video on Spectrum
Provide a brief (up to 100 words) biography about the leader(s) of the team that developed this nominated product or service:
The development team was led by NetWitness CTO Tim Belcher. Previously, he
co-founded Riptech, where he served as the CTO until its acquisition by
Symantec. Ernst & Young recognized Mr. Belcher in 2001 with the “Entrepreneur of
the Year” award. Prior to Riptech, Mr. Belcher was the Chief Engineer, Eastern
Region of Trident Data Systems. He has managed highly specialized information security
services for Fortune 500 clients, including top ten financial institutions. Mr.
Belcher has secured some of the nation’s most critical infrastructure
components, and is a decorated Army veteran of Desert Shield and Desert Storm.