Categories
Problems that solves
Shortage of inhouse software developers
Shortage of inhouse IT resources
Shortage of inhouse IT engineers
High costs of IT personnel
Values
Enhance Staff Productivity
Reduce Costs
About Product
Description
The best of both worlds
CyberSift leverages decades of experience but adds the power of anomaly detection
- Incorporates both Anomaly and signature based systems resulting in a hybrid system that reduces the number of false positives that typically plague anomaly-based only systems.
- This way, our customers can get the best of both worlds.
- Easily store, search and visualise output from tools such as OSSEC, SNORT and OPENVAS
- Identify anomalous sequences of events flagged by OSSEC
- Enhance anomaly detection with vulnerability information from OPENVAS
- Enrich your logs with "context addition" which allows analysts to easily visualize relationships between nodes that communicate with malicious peers
- Augment the IP information provided by your network devices with useful threat hunting information such as AS number and country
- Detect and visualize known bad IP addresses from a wide variety of sources, including TOR IP addresses, C&C servers, and scanning hosts
- Leverages threat intelligence from industry leaders like IBM X-Force and others who collect and analyse information from the community.
- CyberSift brings fully searchable audit logging, threat detection, and reports to all areas of the environment
- Detect zero day attacks by highlighting abnormal behaviour
- Adjust abnormality severity by taking into consideration context addition
- Gain extra visibility into your container activity by detecting anomalous system calls
- Augment OSSEC monitoring with signature-less, container aware security monitoring
- Installed software
- Sensitive files changed on your hosts
- Based on award winning FOSS technology (Elasticsearch)
- Supported by major cloud providers (AWS and GCP)
- Completely customizable and interactive reports
