TYSONS, VA / ACCESSWIRE / March 14, 2024 / Threater, the only active defense cybersecurity platform, announced their new Unexpected Blocks feature that enables users to make more informed decisions on how to manage IPs that have been unexpectedly blocked.
Unexpected blocks are one of the most visible and thorny issues security teams deal with in trying to balance a business’s operational and security goals. While many use the terms “false positive” and “unexpected block” interchangeably, “unexpected blocks” is an umbrella term for false positives, misunderstood indicators, and blocked malicious traffic when trying to access a site the user thought would be safe (or just want to be safe). This new feature allows security teams to make quicker, better and more informed decisions about what to do when users encounter unexpected blocks, as well as streamlining their management.
“We really want to draw attention to the difference between false positives and unexpected blocks. Our goal is to educate our users on how incorrectly flagging issues can cause organizational chaos. False positives do happen and can be overwhelming to security teams but unexpected blocks are legitimate vulnerabilities that need to be addressed appropriately even though they may be impeding productivity. We know that CISOs have to make difficult real-time decisions to ultimately find the balance between security and productivity and we are empowering them to do so with confidence,” said Threater CTO, Pat McGarry.
Due to the wide proliferation of CDNs and multi-homed servers, unexpected blocks have become a fact of life for all security teams. The decision of whether or not to allow an unexpected block through should not be taken lightly and this decision should only be made after careful consideration and analysis of the potential risks and benefits. Our new Unexpected Blocks feature gives our users the real-time data they need to help make these decisions quickly and confidently.
Threater’s new Unexpected Blocks feature allows those security analysts to obtain critical information in a streamlined way to make those risk calculations much easier. These decisions are also logged and fed to the rest of the security stack so security teams and technologies can identify the source of any potential malicious traffic. Threater’s Enforce software logs all allow and block decisions that are available via exportable RFC-compliant syslogs. This allows for downstream analysis in other security tools in case an unexpected block was allowed through but turned out to be malicious after all.
To learn more about this offering or how your security stack is better with Threater, visit www.threater.com
About Threater
Threater is a comprehensive cybersecurity platform that provides active network defense by automating the enforcement and analysis of cyber threats at scale. Threater offers a wide range of solutions to proactively and automatically safeguard organizations against cyber threats. Their patented solution effectively blocks all known threats, enabling the rest of the modern cyber security stack to do its job more efficiently. Your security stack is better with Threater. For more information, find us at threater.com.
Media Contact:
Courtney Brady
courtney.brady@threater.com | (844) 843-6283 ex.717
SOURCE: Threater