Passively analyze network traffic for evidence of compromise and attempts at compromise across all ports and protocols. Plug in, assign an IP Address and the platform is monitoring in less than an hour.
- Supports 1G/10G platforms
- No complex set up or configuration
- Real-time data collection via network or virtual tap
Analyze Data for Threats
Supervised Machine Learning
ClamAV, Yara, Huri, PEScanner, Extractor
- Powered by a machine learning detection engine
- Pre-trained to detect right out of the box
- Delivers 99.1% detection efficacy
- Assess content in real-time as benign or malicious
- Quantitatively measure current and future model performance
- More than 30 file specific classifiers
Build Threat Investigation File
For suspicious events, a threat profile is created. This information helps you understand all the relevant information about this event in one single pane of glass. You will see all the analytics engine results that hit, target logs from 15 minutes pre-and-post event, and any post-secondary analysis results. Work smarter with the threat profile showing you only relevant information in one place.
- Shows all relevant context for potential infection
- Reaction speed reduction
Respond & Report
Integrations with SIEMS like Splunk and QRadar, Endpoint providers like Carbon Black, Threat Intelligence and Sandboxes are just a few examples of how our customers leverage automated response and detailed reporting within their current security ecosystem.
See it in action. Schedule a demo.
Want to learn more? Check these out:
Based on an online survey of over 410 cybersecurity professionals, this report details the top concerns about network security.
Learn about the differences between supervised and unsupervised machine learning.
Each year, analysts from across Forrester's security and risk (S&R) research team draw insights on the top security technology trends.