Arista Networks has joined the Microsoft Intelligent Security Association (MISA), a community of independent software suppliers and managed security service providers that have integrated their products to better protect against an increasingly dangerous environment.
Arista was recognized for their NDR (Network Detection and Response) system’s integration with Microsoft Azure Sentinel. By integrating network context and threat detection with log-based and endpoint insights within Azure Sentinel, this integration provides faster threat mitigation.
Insider threat detection, threat hunting, digital forensics, and incident response are among the autonomous use cases enabled by Arista NDR, which analyses entire network packet data. The NDR platform detects, profiles, and classifies network items including as devices, users, and applications across campus, data center, IoT, and cloud networks using Arista AVA (Autonomous Virtual Assist), an AI-enabled decision support system.
AVA pre-computes answers to problems that an expert analyst would ask after analysing network data and querying threat intelligence sources, open source intelligence, and partner solutions within the MISA ecosystem and beyond. The platform uses this information to uncover weak and early signs of a network issue, as well as confirming data, in order to build conviction and determine the attack’s broader breadth. This allows the SecOps team to thwart an adversary’s goals at the very beginning of an attack.
“Customers have invested in a variety of security solutions in their battle against modern cyber threats. Responding to the adversary requires a coordinated effort across these solutions so that risks can be mitigated and impact minimized. Microsoft shares this vision and we are pleased to collaborate by bringing the high-fidelity detection and response signals from AVA and our NDR platform into Microsoft Azure Sentinel and MISA,” said Rahul Kashyap, VP/GM Arista NDR Security Division.
Companies are sometimes blind to 50% or more of their network, including IoT and contractor devices, as well as cloud workloads, as networks have developed. Adversaries target this larger attack surface, but because the underlying device lacks security agents or log sources, these attacks generally go unnoticed.
For this otherwise unmanaged infrastructure, integrating Arista NDR with Azure Sentinel provides extensive insight into network entities, threat detection, and incident response capabilities. Security teams benefit from comprehensive, entity-centric context that can be utilised to correlate data collected from other IT and security systems using Azure Sentinel workbooks.
“The Microsoft Intelligent Security Association has grown into a vibrant ecosystem comprised of the most reliable and trusted security software vendors across the globe. Our members, like Arista, share Microsoft’s commitment to collaboration within the cybersecurity community to improve our customers’ ability to predict, detect, and respond to security threats faster,” said Maria Thomson, Microsoft Intelligent Security Association Lead.