Forensic-Depth Compromise Assessments
Anomaly analysis of Operating System Artefacts
Enrichment and Reverse Engineering Discovered Leads
Discovery of High-risk Network Traffic Based on Intelligence, Machine Learning (ML), GEO-IP and ASN
XDR (Extended Detection and Response)
Pushing the Limits of Time and Space
A force multiplier, the independent XDR cyber-defense platform significantly lowers an organization’s exposure to cyber-attacks and reduces the likelihood of business impact following a system breach. The platform combines a defense-in-depth threat intelligence architecture, which lessens a company’s exposure to a wide range of cyber-threats, with a technique that reduces dwell time after a breach: routine forensic-depth compromise assessments.
Technology Stack
Forensic-Depth Compromise Assessments
A vendor-agnostic Threat Intelligence Gateway, connected in-line with your network traffic as either a layer-2 bridge device or a virtual cloud instance, that inspects network traffic at rates of up to 10Gbps. The gateway is powered by a very large set of threat intelligence indicators updated through the eclipse.xdr Cloud, which is also used to configure automated policies for blocking malicious traffic.
Endpoint Forensic Collection Agent
A lightweight endpoint agent for Windows, Mac and Linux operating systems that collects post-breach forensic artefacts at a frequency configured to meet the organization’s risk appetite for controlling dwell time. Continuous Threat Monitoring and Real-Time Detection are also provided by the same agent, which detects the most prevalent adversary behaviors.
Dynamic Analysis
A Cloud-Native, hypervisor-based sandbox that remains invisible to the sample, defeating even the most evasive measures built into advanced threats. Dynamic Analysis transparently monitors every interaction with the target machine to provide end-to-end visibility into malicious behavior.
Auto Analyst – SOAR Flagging Engine
A configurable Threat Flagging Engine that automates the manual enrichment and triage work a security analyst performs, quickly rating the level of risk a threat poses to the organization.
Endpoint Incident Response Agent
Leveraging the same agent used for forensic collection, the Endpoint Incident Response Agent allows both collection and response actions to be performed to limit the damage following a confirmed breach.
SIEM Threat Detection Platform
A Cloud-Native SIEM that correlates DNS events with logs collected from the eclipse Network Threat Intelligence Gateway to detect advanced threats and map them to the corporate host targeted by the attack.
How do we do it?
The XDR service defends enterprises by gathering a vast array of threat intelligence indicators and operationalizing them to stop attacks in their tracks. If the traffic is associated with a high-risk ASN or a high-risk nation, risk-based inbound and outbound rules add weighting to the indicator’s base risk score, raising the threat level assigned to that traffic for the company. Through this defensive approach, your organization’s susceptibility to cyber-threats is significantly decreased.
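To make the weighting idea concrete, here is an added example (not eclipse.xdr’s own code or policy logic) of a flow being scored against an indicator’s base risk score, with direction-specific weights added for a high-risk ASN or country and a block threshold applied. All indicators, ASNs, country codes, weights and thresholds are constructed sample values.

```python
"""Added illustration (not the vendor's own code): risk-weighted policy
decision for one network flow. Every indicator, ASN, country code and
weight below is a constructed placeholder, not real threat data."""
from dataclasses import dataclass

# Constructed indicator feed: remote IP -> base risk score (0-100).
INDICATORS = {"198.51.100.7": 60, "203.0.113.9": 35}
# Constructed enrichment sets standing in for GEO-IP / ASN risk lists.
HIGH_RISK_ASN = {64500, 64511}
HIGH_RISK_COUNTRY = {"XX", "YY"}
# Additive weights on top of the base score, configured per direction;
# outbound (possible C2 / exfil) is weighted more heavily here.
RULES = {
    "inbound":  {"asn": 15, "geo": 10, "block_at": 70},
    "outbound": {"asn": 25, "geo": 20, "block_at": 70},
}


@dataclass
class Flow:
    direction: str   # "inbound" or "outbound"
    remote_ip: str
    asn: int
    country: str


@dataclass
class Verdict:
    score: int       # final risk score, capped at 100
    action: str      # "allow", "alert" or "block"
    reasons: list    # human-readable audit trail for the analyst


def score_flow(flow: Flow) -> Verdict:
    """Combine indicator base risk with ASN / GEO weighting for this flow."""
    rule = RULES[flow.direction]
    base = INDICATORS.get(flow.remote_ip)
    if base is None:
        return Verdict(0, "allow", ["no indicator match"])
    score, reasons = base, [f"indicator base {base}"]
    if flow.asn in HIGH_RISK_ASN:
        score += rule["asn"]
        reasons.append(f"high-risk ASN +{rule['asn']}")
    if flow.country in HIGH_RISK_COUNTRY:
        score += rule["geo"]
        reasons.append(f"high-risk geo +{rule['geo']}")
    score = min(score, 100)
    # Any indicator match is at least alerted; weighting can push it to block.
    action = "block" if score >= rule["block_at"] else "alert"
    return Verdict(score, action, reasons)
```

Note that the same indicator (203.0.113.9 in the sample feed) stays below the block threshold unless the enrichment weights push it over, which is the behaviour the paragraph above describes.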
What you get:
Secure your Assets