Security firm Invincea is expanding its portfolio with a new managed services offering that provides organizations with deployment, management and monitoring capabilities.
The new X-as-a-Service (XaaS) by Invincea managed services offering builds on Invincea’s May 2016 debut of its X next-generation anti-virus endpoint security technology.
X by Invincea makes use of deep learning capabilities to understand and detect security threats. The X product also provides isolation, helping to limit the potential risk of threats. Invincea originally acquired the isolation technology used in X from Sandboxie, which is a popular consumer security product.
While the X product is powerful, Invincea CEO Anup Ghosh realized that not every organization has the staff and ability to fully understand security risks and how to properly manage security technology.
“X-as-a-Service is designed for companies that don’t have large IT or security staff and Invincea takes care of the implementation and configuration,” Ghosh told eWEEK. “Post-deployment we manage the endpoints, while providing threat monitoring services.”
XaaS is a cloud managed service, with individual X endpoints deployed with a standard Microsoft installer package. The installation of X also does not require a system reboot, providing immediate protection for users.
As part of the installation, Invincea also provides organizations with an assessment that will identify if a given machine has already been compromised.
“Typically when we got into an organization, we see that threats have already gotten past existing security technologies,” Ghosh said.
Among the things that Invincea will also typically see in an organization are unpatched systems. While patching is a security best practice, Ghosh said that Invincea deals in the reality of organizations today, which often have a hard time patching client-side applications.
“With our isolation capability we can for example, run an unpatched instance of Microsoft’s Internet Explorer browser all day long, let it get infected and it just doesn’t matter, ” Ghosh said. “We like unpatched software and we think we can help relieve some of the burden of patching for enterprise organizations, so they can patch on their schedule rather than on the vendor’s schedule.”
As part of XaaS, there is a management dashboard that provides forensics and threat reporting information to organizations. Ghosh said that Invicea tries to help organizations understand whether they are being attacked randomly or if they are being specifically targeted by an attacker.
“In our user interface we show a timeline of the threats that are seen by a company,” Ghosh said. “There is also a drill-down capability to get more insight into specific threats.”
One piece that the Invincea XaaS offering does not directly provide is incident response services. Ghosh said that Invincea partners with other firms for incident response. He added that partners will also bring Invincea into accounts after a security incident has been resolved.
Looking forward, Ghosh expects to continue to evolve his company’s capabilities to keep up with emerging threats and customer requirements.
“If you’re standing still, you’re falling behind,” Ghosh said. “So we continue to innovate on the model and we’re also looking at different data sets.”
Currently, Invincea’s technology is able to understand program executables and Ghosh said that his company will soon be rolling out new models for other types of attributes found on a system, such as web addresses.
“In addition we expect to release a mobile version of our product this year,” Ghosh said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.