Falanx Group announce MidGARD, the latest innovation in Managed Detection & Response, built by security analysts for security analysts


Falanx, the global intelligence, security, and cyber provider, is pleased to announce that it has today officially launched its proprietary Advanced Threat Detection and Response Platform, known as MidGARD.


Keeping up with the dynamism, tools and technologies of modern-day malicious hackers, whilst simultaneously sifting through and enriching vast quantities of data, makes the role of today’s security analyst more challenging than ever. As security analysts, Falanx Cyber Defence (part of Falanx Group) have a deep understanding of the challenges faced by those working in Security Operations Centres (SOCs). Recognising that the proliferation of data is a problem, and one which makes SOC analysts’ jobs more difficult, has driven Falanx to give life to a comprehensive cyber security solution in the form of MidGARD: a service platform built from the ground up to process, enrich and interrogate the massive volumes of event and log data across all systems, networks, and platforms.

Discover more about MidGARD at http://www.falanx.com/midgard

What is MidGARD?
A leading-edge cyber threat detection and response platform, MidGARD replaces existing Security Operations Centres (SOCs) and security information and event management (SIEM) software with a multi-client cybersecurity ecosystem that processes the increasing accumulation of event and log data – millions of events per second – by using mass real-time stream processing. It uses the latest big data and machine learning tools to review a maelstrom of potentially informative data to identify the latest cyber threats.

MidGARD has been built on the latest open source technology, together with proprietary processes and IP. It uses the same database as Facebook, the same elastic search as Amazon, and parallel processing from Twitter. The platforms were forged in the fires of the Open Source community and engineered and tailored by Falanx’s security engineering team, resulting in acceleration, scalability, reduced cost, and access to the latest data tools.

Why MidGARD?
As technology evolution grows apace, more types of data exist in a wider variety of places, spanning traditional network boundaries, as well as hybrid and public cloud. Add to the mix the emergence of software defined networking, an increase in using container based technology, automation of application provisioning, and agile methodologies in our businesses, as well as the ever-expanding use of mobile computing and mobile applications, and you have an immense amount of data and systems speaking in different languages. All of these interactions, every delivery of a service component or a daemon, adds to the melee, creating a maelstrom of potentially informative data. Individually these pieces of data are without merit, but en masse, a cornucopia of knowledge. MidGARD’s collector architecture pulls in all this data, normalises it, and enriches it, turning it into something valuable so that vital intelligence can be gleaned from it.

“MidGARD is a clever and hugely intuitive data enriched platform built from the ground up around proven Open Source technologies and libraries, and with a fervour matched only by the enthusiasm of the Open Source ecosystem where MidGARD originated”, comments Falanx Group CTO, Richard Morrell, who recently joined the team following his role as CTO of Gartner Security Practice. “Optimised and honed around a secure big data heart, MidGARD does what it does with aplomb, delivering advanced threat detection, monitoring, and a hugely capable and revisited approach to incident response”.

What are the benefits of MidGARD?

  • ‘Hive Mind’ - MidGARD is a ‘Hive Mind’ for Security - a bot-net for the good guys. Each MidGARD installation is semi-autonomous, but the real magic happens where they connect with AsGARD, a unique solution that brings all MidGARD deployments together. They form a hive mind, sharing events, learning from each other and recognising threats across many clients. The more clients, the better because when one client finds a problem, Falanx can help everybody heal the breach.
  • Speedy and scalable - Built on big data foundations by security analysts, MidGARD is staggeringly quick and fully scalable whilst API friendly, offering major extensibility.
  • Integrated ChatOps - ChatOps in MidGARD makes it easy for security analysts to work alongside their colleagues, clients, and Falanx’s own SOC analysts in one window, to identify and respond to threats in real time, and share intelligence amongst each other.
  • Data enrichment – MidGARD’s data enrichment engine automates the manual process of enriching base level data with additional context, improving the value of information and therefore the intelligence that can be gleaned from it, whilst saving security analysts from an arduous time-consuming process.
  • Hands on or hands off – Falanx’s own UK-based SOC are on hand 24/7 to manage, monitor, and respond to all activity within MidGARD, meaning security analysts can work 9-5 and be assured someone is covering the 5-9 shift. Having Falanx’s SOC as an additional security layer allows security analysts to use MidGARD as little or as often as they wish.
  • Cutting edge tech - MidGARD’s integration of emerging tech matches the sophisticated technologies adopted by malicious hackers, making for an infinitely scalable, dynamic and agile platform. Its advanced capabilities built around machine learning, AI, and microservices, help accelerate the process of identifying and responding to threats.
  • Constantly evolving - MidGARD will continuously evolve and grow in parallel to client need, service requirements and most importantly, the external threat landscape. As it is based around a full microservice architecture leveraging large scale open source products, as well as custom built microservices, elements of MidGARD can be adapted, replaced or added to in a matter of days.

Find out more at http://www.falanx.com/midgard

The team behind MidGARD
MidGARD has been wholly innovated and developed by Falanx. The management team behind the platform consists of security industry heavyweights, including:

  • Jay Abbott founded ASC, which has since become Falanx Cyber Defence, of which he is Executive Director. Jay also previously ran Price Waterhouse Coopers’ penetration testing team.
  • Richard Morrell, CTO at Falanx Group, recently joined the company following his role as CTO of Gartner’s Security Practice. He was previously a strategist at Red Hat and co-invented SmoothWall.

Falanx have handpicked a team of the best developers and security analysts from SOCs and projects in legacy and Cloud, building on the core Open Source disciplines and best of breed components that Abbott and Morrell have a fervent belief in.

The MidGARD unit
MidGARD is available in a 19” 1U chassis designed by the developers of the suite for enterprises. In the enterprise class, unlimited virtual appliances are also provided free of charge with the platform.

A MicroSOC small footprint device, aimed at the SME marketplace, is also available; a small yellow box, innocuous and unassuming, but delivering a hugely capable proposition. Sitting on customer networks, the MidGARD units act as collation devices, employing a hugely innovative range of analytical capabilities and data enrichment services, hand cranked in Falanx’s SOC in the West Midlands.

The “boxes” listen to the ever-growing amount of data on the customer network to identify and react to threats before and as they happen, allowing those organisations to react ahead of time and to build a reactive capability on which they would otherwise have had to spend twenty or thirty times the annual subscription cost of the service that Falanx provide.

Pricing and availability
MidGARD is now available as an enterprise class deployment covering tens of thousands of devices, or as a MicroSOC, an appliance for small to medium enterprise, covering 1-500 staff deployments and priced to suit the market.

Enterprise deployments are priced on quantity of log sources collected. The platform comes with storage that can be increased if needed. Collectors are available as virtual images or hardware appliances and priced separately.

At the SME size, pricing is based on users and location, typically broken down into 50, 100, 150, 200 users, with an extra fee for additional MicroSOC appliances if more than one physical location is monitored.

Find the best solution at http://www.falanx.com/midgard

-Ends-

Notes to Editors
You can find a media kit, including images, FAQs and an animated explainer at https://www.dropbox.com/sh/q0tlg9oklvk55c3/AAB4yc9FxoDAcaDRElmz9JVaa?dl=0

About Falanx Group
Falanx Group, the global intelligence, security, and cyber provider, protect and defend businesses against global security threats. Consisting of Falanx Cyber Defence, Falanx Intelligence, and Falanx Cyber Tech, Falanx Group provide complete, proactive cyber defence, intelligence and technology, which is scalable and affordable.

Partnering closely with clients, Falanx Group use their intelligence, vigilance, tools and technology to provide targeted threat prevention to businesses of all types and sizes. A deep understanding of industry requirements and the far-reaching implications of cyber breaches enables Falanx Group to help businesses make better informed, confident choices.


Contact Author

Greta Geoghegan
Digital Glue
+44 7815624263