View

Sorting

Products found: 67

logo
Offer a reference bonus
1.00

A10 THUNDER®TPS

SURGICAL MULTI-VECTOR DDOS PROTECTION Mitigate volumetric, protocol, resource, application and IoT-based DDoS attacks while protecting legitimate users. POWERFUL & EFFICIENT Lower TCO with industry-best 300 Gbps at 440 Mpps. FPGA-based acceleration mitigates without burdening CPUs. AUTOMATED THREAT MITIGATION Respond faster and minimize manual changes with automated mitigation and escalation based on 28 behavioral indicators. PRECISE DETECTION Swiftly detect attacks with in-line or flow-based methods, or integrate third party detection with open APIs. HYBRID DDOS PROTECTION On-premise protection integrates with Verisign’s cloud-based DDoS Protection Services. FLEXIBLE MANAGEMENT Use 100 percent API coverage for SecOps, on-box GUI, CLI, or to manage multiple TPS devices via aGalaxy. THREAT INTELLIGENCE SERVICE Leverage more than three dozen intelligence sources to block malicious traffic. Included with A10 support. 24-7 ATTACK SUPPORT Spin up 24-7 DDoS attack support from the A10 DDoS Security Incident Response Team (DSIRT). Included with A10 support. REACTIVE MODE Larger networks benefit from on-demand mitigation, which is triggered manually or via flow-based analytical systems. Thunder TPS fits any network configuration with integrated BGP and other routing protocols support. PROACTIVE MODE Proactive mode provides continuous, comprehensive detection and faster mitigation. Deployable in asymmetric or symmetric configurations, this mode is most useful for real-time environments where the user experience is critical. OUT-OF-BAND (TAP) MODE The out-of-band mode is used when packet-based DDoS detection and monitoring is required.
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
12
11
logo
Offer a reference bonus
0.00

AhnLab EPS

Industrial control systems have long been considered immune to cyber attacks as they are mostly isolated from the Internet. Unfortunately, this no longer holds true. Today’s advanced cyber attacks are targeting critical infrastructures and organizations with highly valuable information, leading to sabotage of massive assembly lines, severe economic damages, and data breaches. AhnLab EPS is a compact, optimized security solution for industrial systems based on whitelisting. Find out how EPS ensures the stability of operations and increases endpoint security effectiveness without impacting business productivity. Features: Whitelist Approach Application whitelisting takes a proactive approach, denying everything that is not specifically approved. This approach allows only trusted programs in the whitelist, in contrast to traditional reactive solutions that only block known threats that are explicitly defined in a blacklist. By ensuring that only clean, approved applications can be executed, it protects networks from a broader range of potential threats. Specialized for Industrial Systems The importance and nature of industrial control systems, such as production lines, plants, and Point of Sales (POS) machines, present particular challenges to ensuring their continued security and stability. Coupled with restrictive controls on clients in these systems, EPS ensures stable system operation and security integrity in industrial environments. Complete Network Control Enables you to control the direction of communication and block malicious network IPs and ports in to keep potential risks at bay. Customize your protection for networks and preempt threats. Simplified Endpoint Protection EPS places its powerful antivirus engine on the central server, so that IT administrators do not need to update and maintain the signatures at every endpoint. Learning Mode Administrator can simulate the results when the configured settings or security policies are applied to real circumstances. It helps reduce disruptions to productivity and unexpected errors that are common with untested deployments. Advantages: Stability
  • Proactively protects against unknown malware
  • Prevents malware-induced security breaches
  • Provides system stability without requiring signature or patch updates
Productivity
  • Eliminates interruptions caused by malicious or unauthorized software
  • Operates around the clock without the need for constant maintenance
  • Allows simple administration and implementation
Cost-cutting
  • Reduces system and data restoration costs by preventing malware damages
  • Reduces time and costs required for system security and maintenance
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
14
9
logo
Offer a reference bonus
1.00

Allot Communications Secure Service Gateway

Protect network uptime and efficiency Allot Secure Service Gateway is built on the same carrier-class performance and reliability that Allot brings to many of the world’s largest network operators. Flexible redundancy configurations plus passive bypass with automatic port failover maximize uptime and availability. Automate operations and lower TCO Allot Secure Service Gateway integrates multiple functions in an Intel-based platform that protects your investment and lets you scale from 2 to 22 ports of 1GE/10GE network connectivity in a single appliance. Get the visibility you need to control application performance Allot provides live traffic monitoring and usage reporting according to traffic policies that are mapped to your complex data center and cloud applications, giving you full visibility and control of application performance, web access, user quality of experience, shadow IT and web threats. Protect users from Internet threats and enforce acceptable use Allot helps you embrace and maximize the business value of cloud (web) applications by detecting and blocking malware, phishing and other web threats before they harm application performance and user productivity. Allot Secure Service Gateway also detects and surgically filters DDoS and bot traffic before it affects your network. With Allot Secure Service Gateway you can:
  • See how well your mission-critical applications are performing and supporting user productivity
  • Control application performance and improve Quality of Experience according to business priorities
  • Keep malicious or unauthorized user/application traffic off your network
  • Neutralize threats and ensure ongoing performance of business applications
  • Enforce Acceptable Use Policy for shadow IT, BYOD, resource usage
  • Troubleshoot and resolve network issues in real time
  • Simplify and automate your operations
  • Reduce opex and TCO
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
19
18
logo
Offer a reference bonus
0.00

Argus Connected ECU

With decades of experience in both cyber security and the automotive industry, Argus offers innovative security methods and proven computer networking know-how with a deep understanding of automotive best practices. Built for the automotive industry, Argus Connected ECU protection prevents, detects, and mitigates attacks targeting connected ECUs. Six easy to deploy independent modules work individually, or together, to protect the car’s most vulnerable attack surfaces, such as in-vehicle infotainment units (ivis), telematics units (tcus), and adas units.

KEY BENEFITS

AUTONOMOUS. Prevents attacks in real-time without connectivity to the outside world or human intervention MULTI-LAYERED. Provides multiple independent protection layers, to defend against all types of attacks. AUTOMOTIVE-GRADE. Built for the automotive industry and addresses unique automotive security challenges. CONTROL FLOW INTEGRITY (CFI). Prevents exploitation of vulnerabilities, by ensuring that the ECU program does not deviate from its expected execution flow.    SYSTEM LIMITER. Prevents unauthorized commands and resource access with an automotive-grade mandatory access control. PLATFORM INTEGRITY. Prevents and blocks unauthorized software from running on the ECU by validating the software at boot and during runtime. SECURITY LOGGER. Collects and securely stores security events from each module, and from other data sources in the ECU, for further analysis by the OEM. THREAT DETECTION. Prevents attacks in real-time, by identifying and responding to suspicious behavior across the ECU that may indicate an unknown attack. ECU FIREWALL. Prevents attacks from spreading to the in-vehicle network by blocking malicious communications using Deep Packet Inspection.

KEY FEATURES   

  • Supports Linux, QNX, and Android operating systems
  • Saves time with seamless Integration and easy configuration
  • Designed for easy reuse across ECUs
  • Consumes minimal system resources
  • Supports future module activation
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
18
7
logo
Offer a reference bonus
0.00

Avocado Systems Platform

Avocado Security platform provides “Deterministic Application Security Functions”. Thus, bringing the security stack literally into the application, enabling applications to secure themselves and carry the security stack with themselves when they migrate to cloud environment. Features: Avocado Security Platform This includes Distributed Deterministic Security (DDS) plugins, Security Orchestrator and Z-Ray. DevOps integrated deployment can massively scale to protect application instances on any platform in any datacenter or any cloud. Avocado DSS Plugins Creates automatic plugins to applications to provide security segmentation and compliance enforcement points that intercepts & kills threats, collects forensics and statistics from cyber-attacks for compliance and reporting. Avocado Security Orchestrator Virtual Appliance which orchestrates security management, visualization and compliance. Performs app auto discovery & configuration. Providing complete programmability through RESTful APIs and scripted interface for SecOps and DevOps. Avocado Z-Ray End to end app security and visualization. Giving real-time experience of security dynamics. The orchestrator collects the logs, events and forensics from all DDS Plugins across the data center. Feeding it for threat intelligence sharing. Benefits:
  • One Touch Segmentation. Deterministic threat detection at the web, application and database tiers.
  • Zero Policies. Highest resolution application of the pico segmentation without any policy.
  • Platform Agnostic. Bare metal, virtualized, containerized, and server-less platforms.
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
1
1
logo
Offer a reference bonus
0.00

Carbon Black (CB) ThreatHunter

Advanced Threat Hunting & IR in the Cloud Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.
CB ThreatHunter is an advanced threat hunting and incident response solution delivering unfiltered visibility for top security operations centers (SOCs) and incident response (IR) teams.CB ThreatHunter is delivered through the CB Predictive Security Cloud (PSC), a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.
By leveraging the unfiltered data collected by the PSC, CB ThreatHunter provides immediate access to the most complete picture of an attack at all times, reducing lengthy investigations from days to minutes. This empowers teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers can.
Along with unfiltered visibility, CB ThreatHunter gives you the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.
Key Capabilities
Complete Endpoint Protection Platform
Built on the CB Predictive Security Cloud, CB ThreatHunter provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.
Continuous & Centralized Recording
Centralized access to unfiltered endpoint data means that security professionals have all the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.
Attack Chain Visualization & Search
CB ThreatHunter provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to avoid falling victim to the same attack twice.
Live Response for Remote Remediation
With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.
Automation via Integrations & Open APIs
Carbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like CB ThreatHunter into their existing security stack.
... Learn more
ROI-calculator
Configurator
ROI-
-
20
10
logo
Offer a reference bonus
0.00

Centripetal Networks CleanINTERNET

Centripetal’s CleanINTERNET® intelligence-driven network security service lets teams operationalize threat intelligence through the RuleGATE enforcement platform, the most powerful threat intelligence gateway technology on the market today. Why CleanINTERNET?
  • Lowers false positives through bulk enforcement of millions of complex IOC rules, paired down from hundreds of millions of indicators
  • Greatly reduces event volume through intelligence-based filtering and data aggregation
  • Converts indicators to action on a continuous basis, as intelligence feeds are dynamically updated
Features: APPLIED THREAT INTELLIGENCE 70+ out-of-the-box threat intelligence sources (premium, open source, industry-specific). 3000+ unique IOC feeds updated in real-time as feeds update dynamically. AUTOMATED ENFORCEMENT Billions of threat indicators correlated and filtered at network edge to millions of complex rules to influence enforcement. Automatic enforcement (block, redirect, shield, mirror, allow, capture) with 160 Gbps backplane to support true enterprise speeds. LIVE ANALYST SUPPORT Dedicated, experienced cyber analysts actively engaged in threat hunting, cyber support and threat remediation. Continually analyzing your data to optimize your threat posture and improve your security policy. The Centripetal Difference The enterprise has a major problem. There are too many breaches. Companies have far too many security incidents. And teams who set out to apply intelligence to defeat advanced threats may have the right idea, but no way to execute it. Why?
  • Organizations cannot apply threat intelligence at-scale
  • High latency rates limit real-time prevention of known threats. Less than 1% of compromise indicators are persistently applied to an organization’s defense
  • Without a single platform that can process the amount of threat intelligence necessary to actively defend the business, security teams have been struggling. Firewalls and IPS systems are not the answer.

    Centripetal has solved this problem with its invention of the Threat Intelligence Gateway. This solution fundamentally changes how cyber teams filter bad traffic based on intelligence, allowing them to:

    • Eradicate threats based threat intelligence enforcement
    • Focus on investigating the 10% of threats that are unknown
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
11
17
logo
Offer a reference bonus
2.40

Check Point Intrusion Prevention System Software Blade

The Check Point Intrusion Prevention System (IPS) Software Blade combines industry-leading IPS protection with breakthrough performance at a lower cost than traditional, stand-alone IPS software solutions. The IPS Software Blade delivers complete and proactive intrusion prevention – all with the deployment and management advantages of a unified and extensible next-generation firewall solution. Benefits
  • Next-generation security prevention, protection and performance
  • Industry-leading intrusion protection and firewall—as tested NSS Labs—delivers 1,000s of signature, behavioral and preemptive protections
  • Check Point is ranked #1 in Microsoft and Adobe threat coverage
  • Combines with best-of-breed firewall, application control, URL filtering, DLP and more on the most comprehensive, network-class next gen firewall
  • Unrivaled, multi-Gigabit performance in an integrated IPS
  • Up to 15 Gbps of IPS and 30 Gbps of firewall throughput
  • Stateful Inspection and SecureXL technology deliver multi-tier IPS inspection and accelerated IPS throughput
  • CoreXL technology provides the most efficient and high-performance use of multi-core technologies
  • Lowest TCO and fastest ROI of any enterprise-class firewall solution
  • One-click activation of IPS and firewall protection on any Check Point gateway
  • Delivers unmatched extensibility and flexibility—all without adding CapEx
  • Integrated into Check Point Software Blade Architecture for on-demand security
The Check Point IPS Software Blade is delivering better security than our previous IPS software solution and at a lower cost. Check Point has designed the IPS software blade for efficient resource utilization, which improves performance, mission critical availability, and uptime. Complete Intrusion Prevention System (IPS) Functionality The Intrusion Protection System Software Blade complements firewall protection, further securing your network without degrading gateway performance. Full-featured IPS The IPS Software Blade provides a complete Intrusion Prevention System security solution, providing comprehensive network protection against malicious and unwanted network traffic, including:
  • Malware attacks
  • Dos and DDoS attacks
  • Application and server vulnerabilities
  • Insider threats
  • Unwanted application traffic, including IM and P2P
  • Geo-protections
Geo-protections enforce or monitor traffic based on the source or destination country. Create a geo-protection policy with exceptions to allow legitimate traffic through while blocking or monitoring traffic from unknown and untrusted sources. Monitor activity with the SmartEvent Software Blade. Trusted Security Real-Time protections – The IPS Software Blade is constantly updated with new defenses against emerging threats. Many of the IPS protections are pre-emptive, providing defenses before vulnerabilities are discovered or exploits are even created. Microsoft vulnerability coverage – Check Point is ranked #1 in Microsoft threat coverage, including preemptive protections against emerging vulnerabilities and exploits. Multi-gigabit Integrated IPS Performance Delivers up to 15 Gbps of IPS throughput with the default IPS profile. The IPS Software Blade incorporates a high-speed pattern matching engine that does multi-layered, 2-tier inspection for maximum performance with thousands of protections enabled. Dynamic Threat Management With the IPS Software Blade and the SmartEvent Software Blade you gain a new, dynamic management paradigm for today’s high volume, real-time and evolving threat environment. Check Point threat management workflows allow you to handle constant change quickly and efficiently, reducing your management overhead and allowing you to confidently and promptly deploy protections. The IPS Software Blade offers:
  • New protections sandbox – Build confidence in a ‘sandbox’ environment with no impact on your network.
  • Automatic protection activation – Activation of new protections, based on configurable parameters (performance impact, confidence index, threat severity). The difficulties of constant, individual management of thousands of protections are eliminated.
  • Unified Management – The IPS blade is configured and managed through a common Check Point management interface—the same one used to manage other security gateway Software Blades and Check Point dedicated IPS.
  • Configurable, actionable monitoring – Track events through detailed reports and logs of what is most important. The new Security Management Software Blade for IPS and Security Provisioning Software Blade simplify threat analysis and reduce operational overhead.
  • Business-level views – Customizable reports provide easy monitoring of critical security events associated with your business-critical systems.
  • Multi-dimensional sorting – Drag-and-drop columns of event data and the information will be automatically re-ordered.
  • Actionable event logs – Edit the associated protection, create an exception or view packet data directly from log entries.
... Learn more
ROI-calculator
Configurator
ROI-
-
20
2
logo
Offer a reference bonus
0.00

Claroty Continuous Threat Detection

Continuous Threat Detection extracts precise details about each asset on the industrial network, profiles all communications and protocols, generates a fine-grain behavioral baseline that characterizes legitimate traffic, and alerts you to network changes, new vulnerabilities and threats. The alerts the system generates provides the contextual information you need to investigate and respond quickly. Continuous Threat Detection delivers immediate value enabling customers to:
  • Rapidly detect industrial operations risk, enhance cyber resiliency, and minimize unplanned downtime
  • Prevent impact to physical processes, expensive industrial equipment or injuries to people
  • Quickly deploy and scale across multiple sites and reduce overall management costs
Extreme Visibility Continuous Threat Detection deeply understands ICS network communications, protocols and behaviors – providing detailed, accurate information that remains up-to-date. The system automatically discovers asset details across the entire industrial network – IP assigned, nested assets and assets that communicate over serial connections. Security and Operational Alerts Continuous Threat Detection creates a very fine-grain “baseline” model of the ICS environment.  Leveraging a “known good” baseline, and knowledge about how ICS systems work, Continuous Threat Detection employs advanced pattern matching techniques; generating rich alerts when anomalous activity or critical changes occur. Continuous Vulnerability Monitoring With deep insights into the ICS environment, CTD enables users to proactively identify and fix configuration and other network hygiene issues that can leave your network vulnerable to attacks. Leveraging proprietary intelligence, the system continuously monitors the network for new known vulnerabilities – providing precise CVE matching down to the firmware versions for industrial devices.
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
7
10
logo
Offer a reference bonus
0.00

Cleafy

Cleafy innovative threat detection and protection technology is available in an open and flexible platform that can be easily adopted to address several needs for protecting your online services and users. Features: Cleafy protects on-line services against advanced, targeted attacks from compromised web/mobile endpoints thanks to its unique real-time, client-less threat detection and prediction capabilities. Cleafy has been successfully adopted to protect millions of users against Man-in-the-Browser (MITB), Man-in-the-Middle (MITM), RAT-in-the-Browser, VNC/BackConnect, Mobile Overlay, and other types of attacks. Cleafy is fully client-less - it operates by integrating with server-side infrastructure: Cleafy provides out-of-the-box integrations with several Application Delivery Controller technologies. Cleafy does not require any application change and is completely transparent to end-users. Cleafy provides (no-touch) visibility on endpoints that allows customers to identify potential threats and prevent business disruption from targeted advanced attacks, gain insights on attack scenarios and techniques (e.g. by inspecting code injected by malware) and thus define best response actions and their overall security posture. Cleafy supports Online Fraud Prevention by providing real-time risk scoring and enabling selective risk-based authentication, thus preserving business continuity and user experience. Key Differentiators: Advanced threat detection and protection
  • Patented Full Content Integrity (FCI) continuously verifies full application integrity (DOM/XHR/API)
  • Deep threat visibility automatic extraction of threat evidence (e.g. malicious web-injects and mobile apps)
  • Patented Dynamic Application Encryption (DAE) to enable safe transactions from infected endpoints
Client-less and application-transparent
  • Client-less - no agent deployed and passive mobile SDK – no touch of application backend infrastructure
  • User-transparent – no impact on end-user experience, content delivery and endpoint performance
  • Application-independent - no changes required to application code – no re-training upon new releases
Open, scalable and cloud-ready
  • Open architecture and comprehensive REST APIs – integrates any Transaction Monitor, Case Mgmt, SIEM
  • Scalable to continuously monitor full application perimeter and analyze millions of events/day
  • Deployed either on-premise or over the Cloud
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
0
13
logo
Offer a reference bonus
0.00

Coronet SecureCloud

True cloud security must ensure users are authenticated, that the device used is not compromised, that the network used is safe, and yes, that the user behavior (Access, downloads, uploads, collaboration, reporting) is allowed. To ensure true cloud security, organizations must purchase, integrate, and operate multiple platforms - which is very expensive, very complicated, labor intensive, and extremely time consuming. SecureCloud platform tackles this problem by providing continuous, real time visibility, control and remediation, Coronet SecureCloud ensures that corporate data is used only by trusted users, using trusted devices, connecting through trusted networks to trusted cloud services.

Threat Protection

  • Ensure Control over who has access to the cloud platforms, and where from
  • Ensure GDPR, HIPPA, SOX, compliance, and detect PII, PHI, and EDR automatically
  • Block compromised devices from accessing corporate data in the cloud resources
  • Control what users can do, and who they can collaborate with
  • Prevent malware spread through cloud usage (such as file sharing)
  • Provide visibility into activity in the cloud, the devices used, and the data that was shared
  • Detect and mitigate advanced cloud-to-cloud attacks

SecureCloud device authentication

With SecureCloud, an organization can not only enforce fine-grained access control to a cloud service, but also create and enforce a policy that prohibits access from unmanaged devices with no active Coronet agent running. SecureCloud uses federated user authentication processes, such as SAML, that put the SecureCloud service in the path of SaaS applications. Each authentication request is steered to the SecureCloud authentication proxy that performs pre-authentication risk assessment based on user, device and service security postures and makes context-based access decisions.

Location based defense

Many organizations require that sensitive information and services only be accessed on premises or in secure locations. SecureCloud includes sophisticated location resources management and turns raw geo-location data into geo-spatial intelligence, leveraged in access control, threat prevention and data control.

Threat prevention

Additionally, the administrator can mark a named location as trusted or risky (white and black list). For a conditional access policy, the trusted or risky locations are yet another filter options available for conditional access policy definition. Named locations are also important for the reduction of false positives during detection of impossible travel and atypical locations risk events. SecureCloud identifies, mitigates, and automatically remediates threats across cloud services. It monitors activity patterns in the cloud, determines the behavioral models and establishes baselines. Upon connection of a cloud service, all cloud activity is scored according to various predefined risk factors. SecureCloud inspects every user session and takes automatic remediation actions when something happens that is different from either the baseline or from the user’s regular activity. In this manner, SecureCloud continues evolving its models as it observes new and often unusual behavior without human intervention. These capabilities set SecureCloud apart from traditional approaches that require an unreasonable number of manual updates to ensure accurate threats detection.


... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
13
6
logo
Offer a reference bonus
0.00

CSPi Aria Software Defined Security

The ARIA SDS platform is a radically different approach to comprehensive network and data security as it employs capabilities normally only found in carrier-class or military-grade architectures. When deployed on available optional hardware offerings it provides the high-availability and fast failover and service-level assurance features demanded in a carrier-class infrastructure. It also uses military communication techniques to protect from penetration and administrative eavesdropping from set-up through operation. Yet, even with this added layer of functionality, the deployment and overall platform management is simple as it is handled through advanced zero-touch provisioning techniques. How It Works The ARIA Software-Defined Security (SDS) platform can secure and encrypt containers and/or VMs as they spawn on-premise, private data centers or public cloud instances. The ARIA software automatically applies the organization’s appropriate contextually aware security policies. Additionally, the ARIA Orchestrator automatically discovers the SDSi and manages the application of the appropriate type and level of security services upon deployment. The central execution, across an entire organization, using a single pane of glass, ensures the desired access controls, micro-segmentation, encryption service types and levels, and other service techniques are correctly applied – no matter where the applications are running – whether it’s on premises, in the public cloud, or anywhere in between. Benefits: Achieve SecDevOps Balance the InfoSec requirement to maintain the consistent application of security policies and data protection with the desire of application developers for more agile and flexible DevOps practices. With ARIA, developers can simply select and connect to their applications for complete encryption. Gain a Cost-effective, End-to-End Security Solution The ARIA software defined security solution works with any enterprise infrastructure, is easy to deploy, and costs up to ten times less than other server host-based encryption solutions. Organizations that run critical security functions on the Myricom ARC Series SIA (versus the server processor) can expect cost savings in the need for fewer server upgrades and lower power consumption, while also achieving increased application performance. Secure Data at Rest, in Motion and in Use It’s not good enough to protect stored data. You must also have a solution for when it moves across the network, when it is accessed and used. ARIA applies the appropriate encryption policies by application, device, or data type – under any use and at any time. Improve Application and Server Performance Advanced security functions like encryption, micro-segmentation, or tokenization are CPU-intensive and, if run through local servers, may cause an unacceptable delay in application performance. The ARIA platform runs seamlessly with the Myricom ARC Series SIA, making it the ideal choice for server off-load. In addition the SIA serves as a zone of trust for keys, making them impenetrable to breaches.
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
10
6
logo
Offer a reference bonus
0.00

Curtail Security ReGrade

ReGrade: Keep systems up and running by testing with live traffic, before you go live Today’s software doesn’t come in a box. It just runs—non-stop. Your Software and DevOps teams have to keep things running while continually releasing new application features—sometimes pushing code updates as fast as they’re written. Yesterday’s testing methods weren’t made for this. ReGrade uses patented, comparison-based traffic analysis to evaluate release versions side-by-side—quickly locating differences or defects. Users only see the production system, but ReGrade compares the two systems, finding bugs and other unintended changes before release. And ReGrade gives insight on performance too—by tracking server response times against identical loads and requests. ReGrade:
  • Verifies quality of software upgrades and patches using real production traffic
  • Prevents costly rollbacks and cumbersome staging
  • Enables regression testing in development, QA, and production
  • Spots differences in content, metadata, application behavior and performance
  • Speeds debugging with packet capture and logging
ReCover: Detect and Isolate Attacks-Even Zero-Day-Without Impacting Operations Redundancy is no guarantee of continuity when your backup systems have been corrupted. Modern systems need proactive monitoring and resilience—not just redundancy. ReCover detects anomalies—including zero-day attacks—by comparing network responses across servers. In an alarm, affected systems are isolated and traffic is switched to clean, resilient servers. With traditional intrusion detection solutions, administrators bring their own systems down on false positives just to make sure they’re ok. But that defeats the point. By switching traffic to a resilient, clean system with an independent attack surface, ReCover keeps operations going even in the face of threats. False positives don’t matter. ReCover: Provides intrusion detection without interrupting operations Detects zero-day attacks with patented comparison technology Isolates attacks while enabling operations to continue on clean servers
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
6
18
logo
Offer a reference bonus
0.00

Cyber adAPT skwiid

Entirely focused and dedicated to Network threat detection to secure the enterprise as part of a comprehensive security strategy with skwiid® finding more attacks faster than all other approaches. WHY SKWIID® FROM CYBER ADAPT
  • Patented Technology. Consistently finding threats that others don’t
  • Automatically And Quickly Detect Threats. Finding threats that have evaded perimeter defenses
  • Experienced Development Team. Decades of cyber security experience
  • Industry Leading Research Team. Using unique Intellectual Property to find, analyze, and identify the latest attacks updating our systems in the field daily
  • Simple, Non-Intrusive, Highly Scalable, Low Cost Installation. With a variety of deployment and professional service options
  • Subscription Based Pricing Model. Cost effectively delivers cyber security as a service to any size enterprise
Features: Probe Real-time, passive device that monitors 100% of your network traffic Collector Hosted in Cyber adAPT's Cloud collecting and collating alerts from all probes providing you with a single view of all threat indicators GUI/API Single point of management with multiple options for viewing threats Professional Services Our Team provides training, monitoring, incident notification and investigative support when your network is threatened
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
18
6
logo
Offer a reference bonus
0.00

CyFIR

CyFIR is a flexible, remote digital forensics and incident response solution backed by a team of experienced security analysts and practitioners. Whether you are looking to complete your existing security stack, institute an incident response retainer as part of your incident response or mediation strategy, or need immediate help in the aftermath of a breach, CyFIR can provide a solution tailored to your needs. CyFIR Capabilities: EDISCOVERY Fast and accurate document collection without disrupting system performance. INCIDENT RESPONSE & DIGITAL FORENSICS Immediate forensic analysis and incident response reduces the cost of a breach by 25 percent or more. INTERNAL INVESTIGATION Continuous network security monitoring and access logging of critical network assets. THREAT ASSESSMENT Near real-time visibility into network endpoints without impact network operations. THREAT HUNTING Proactive, human-centered content profiling and endpoint review. Benefits:

     

  • Remote. Forensically access computing endpoints across your entire enterprise from a single workstation.
  •  

  • Live. Search the content of your files for keywords, matching patterns, and more with results appearing as they’re found.
  •  

  • Speed. Virtually instantaneous forensic-level access to endpoints even in low bandwidth environments.
  •  

  • Visibility. Near real-time visibility and extraction of RAM, live file systems, deleted data, and unallocated disk space content across your network.
  •  

  • Accuracy. Comprehensive search and detection capabilities deliver forensically-sound analysis – ensuring good cyber hygiene and improving the fidelity of enterprise-wide queries.
  •  

  • Integration. Perform forensic tasks without network downtime or user interruption, even when searching Microsoft Exchange mail servers.
  •  

  • Compatibility. Access forensic artifacts from most versions of Microsoft Windows Workstations / Servers / Point of Sale, macOS, and Linux Systems including data and malware processes obscured by a compromised OS.
  •  

... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
11
4
logo
Offer a reference bonus
0.00

CyOPs Platform

The CyOPs Platform utilizes CyberSponse’s patented technological process to fill the gap between automation-only and human dependent security organizations, while also facilitating cross-functional collaboration. Integrate your SOCs entire security stack behind a single pane of glass with unlimited daily actions, fortifying your data and maximizing ROI.

Incident Management

Distinguishing Real Threats From Endless Alerts

Real threats are often overlooked, largely as a result of the copious amount of alert notifications that accumulate daily. CyOPs Automated Intelligent Triaging enables Security Analysts to efficiently uncover these important alerts, prioritizing them based on severity, asset, intelligence, and frequency. To investigate alerts more efficiently, it’s very important to be able to understand and review data in a consumable manner. CyOPs Case Management solution understands the need to manage data effectively and provides options to:
  • Manage Alert and Incident Listings in a filter-able grid view
  • Ability to add mini-dashboards on each grid to gain visibility into the bigger picture and understand trends
  • Ability to define new modules, unlike any other SOAR offering- with customization of modules such as fields, views, and permissions
  • Visual layout editor to define custom views, data models, fields, and grids

CyOPs for MSSPs

Integrate All Your Security Tools

Enterprise-level SOCs leverage a multitude of products and tools to effectively resolve incidents and fulfill compliance requirements.  CyOPs caters to our clients’ specific environment needs due to the customizability of product, which results in greater efficiency, eliminated alert fatigue, and maximizes their ROI. The CyOPs Integrations Repository has over 280 available integrations, enabling users to automate their entire security stack behind a single pane of glass.
A unified console built on the only enterprise multi-tenancy architecture.
  • Obtain a complete overview of all your customers (tenants) in a single unified CyOPs master console.
  • Filter views by customers, to understand the customer’s current state
  • Assign and adhere to the Roles and Permissions assigned to each tenant
  • Create customer specific alert and incident views
  • Robust and scalable architecture for load-balancing usage

Role Based Custom Dashboards

Insight From Multiple Perspectives

CyOPs offers customers enterprise dashboards enabling better decision making.
  • Choose from multiple canned dashboards from multiple perspectives
  • Export and import dashboard templates
  • Export dashboard views as PDFs

Full Role-Based Access Control

  • Assign multiple roles to each dashboard to control visibility across the team.
  • Ability to assign roles and permissions to dashboard templates
  • Ability to make selected dashboards as default for all system users
  • Ability to create user-specific dashboards and reports

Reporting

Library of Out-of-the-box Reports

  • Leverage the CyOPs Report Library for a quick start with many commonly used reports
  • Use ready-made reports like Incident Closures, Alert Closures, IOC Summaries etc.
  • CyOPs Support Portal using Report Import functionality
  • Customize out-of-the-box reports for organization-specific metrics
  • Export Reports in CSV & PDF Formats

Queue Management

Create Dedicated Queues

Leverage the built-in CyOPs Queue Management to handle automatic work assignments across multiple queues and teams
  • Create multiple queues across multiple teams
  • Add multiple team members to each Queue
  • Define logical rules for auto assignments to a specific member or team
  • Option to add work tasks manually to any queue

Manage SOC Shift Change With Ease

Streamline SOC Team Onboarding & Management

CyOPs™ enables new SOC team members to start making an impact right away due to its ease of use and ability to retain information from previous employees. Standardized trackable and repeatable processes result in a more efficient onboarding plan for new SOC team members. Create standard automated response processes using the most versatile enterprise drag-and-drop CyOPs Playbook builder that not only retains team knowledge but also shortens incident response times. Maximize your team and security stack with CyOPs™ automation.
  • SOCs that work in multiple shifts perfects shift changeovers with ease
  • Create multiple queues for different shifts
  • Define rules for assigning alerts and incidents based on the timezone
  • Obtain snapshots of a shift’s queue to better understand task status
  • Option to add manual tasks to any queue or team member
... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
1
4
logo
Offer a reference bonus
0.00

Deceptive Bytes

Deceptive Bytes provides an innovative solution against threats in enterprises’ most critical and exposed assets, their endpoints! The solution creates dynamic & deceptive information which interferes with any attempt to recon the environment and deters the attacker from executing its malicious intents, through all the stages of compromise in the Attack Kill Chain – covering advanced & sophisticated malware techniques, constantly making sure all the endpoints & data in the enterprise are secured. Features: Preemptive Defense Making malware believe it’s in an unattractive/hostile environment to attack and reducing the chances of a successful attack. For example, creating a sandbox/VM environment which deter malware. Proactive Defense Actively responding to threats as they evolve, changing the outcome of the attack through all the stages of the Endpoint Kill Chain. For example, deceiving and stopping Ransomware, thinking it succeeded encrypting the files as the solution safeguard them. Behavioral Defense Identifying & preventing legitimate apps being used for malicious operations. For example, stopping execution of powershell/command line initiated from word/excel files that are used by attackers to infect the endpoint. Benefits: Preemptive and Proactive
  • Prevents unknown and sophisticated threats
  •  

  • Very high prevention and detection rates
  •  

  • Real time detection & response
  •  

Lightweight
  • System-wide protection with pinpoint handling
  •  

  • Deploys in seconds & Easy to operate
  •  

  • Low resource usage (CPU, memory & disk) - No UX impact
  •  

Signature-less
  • NO constant updates
  •  

  • Operates in stand-alone/disconnected & VDI environments
  •  

  • Stops millions of threats using only 1 evasion technique
  •  

Reliable
  • High stability - operates in User-mode
  •  

  • Triggering high-fidelity alerts
  •  

  • Low to non-existing false positive rate
  •  

... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
10
6
logo
Offer a reference bonus
0.00

Defence Intelligence Nemesis

Nemesis is a DNS Security component focused on advanced malware detection and protection. Nemesis identifies compromised systems in your company’s network and prevents new compromises. Command and control communication, phishing, fraud, malware, exploits, and other malicious activity is blocked automatically. With continual traffic analysis and rule updates, Nemesis is always aware of the latest threats to your enterprise network. Discover your new friend and malware's new Nemesis. What it does? Automatic Blocking Nemesis is a real time malware protection tool that analyzes your network traffic for suspicious and malicious traffic indicators. Understanding your network traffic behaviour, Nemesis can remain fluid and smart enough to adapt to threats facing your business. Nemesis responds immediately to threats by blocking DNS traffic for command and control domains, and sites hosting malware or exploits. With the majority of malware using DNS to stay in flux, a DNS based malware product can reduce incidents, response time, and protect your network from breaches and data theft. Compromised System Identification Malware can run stealthily in the background or show its face as ransomware. To be effective in either case it has to communicate outside of your network. Nemesis blocks at the DNS level which means the domain name never gets resolved, no subsequent communication can follow, and the compromised system is identified while mitigating the threat. With custom IP blocking you can send malicious communication to an internal sandbox for analysis or warn the user and network administrator of the activity. Protection from Malware There are countless threats to your network. Identifying compromise when it occurs is greatly beneficial but prevention of compromise is best. Nemesis protects against a spectrum of malicious activity, including phishing, fraud, spam, attacks, exploits, and malware. Rules are continually updated and adjusted to your organization, keeping your network safe from threats as they arise. Our console is fully equipped, whether you have one component or the full DNS Security Suite.
  • Real time monitoring of your DNS traffic
  •  

  • Ruleset creation and customization; add your own blacklists or whitelists to enhance rule application
  •  

  • User access control and activity logs
  •  

  • Customizable report generator
  •  

... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
20
2
logo
Offer a reference bonus
0.00

Dragos WorldView

Dragos WorldView is the industrial cybersecurity industry’s only product exclusively focused on ICS threat intelligence. Prepared by Dragos’ expert ICS/OT threat intelligence analysts, it is the essential supplement to any IT-focused intelligence product used by IT or OT professionals with responsibility for an ICS network. Dragos WorldView calls out and cuts through the hype and speculation surrounding ICS cybersecurity, providing an effective antidote to the fear, uncertainty and doubt it sows.

WorldView threat intelligence feeds, alerts, reports, and briefings provide deep, context-rich insight, illuminating the malicious actors and activity targeting industrial control networks globally. This knowledge enables ICS defenders to make both tactical decisions and strategic recommendations on ICS cybersecurity quickly, and with confidence.
Dragos Worldview provides National Grid with clearly articulated intelligence, backed by evidence and specific information to help us mitigate threats. The clear understanding Dragos has of the environment in which we operate, allows us to cut through the hype around many potential industry vulnerabilities, so we can focus on the ones that matter most as we look after vital infrastructure and ensure supply to our customers.
National Grid


Dragos WorldView Content


  • ICS-themed malware identification and analysis ICS vulnerability disclosures and analysis
  • ICS adversary behavior trends
  • ICS threat/incident media report analysis and commentary
  • Cybersecurity conference presentations and researcher discoveries with Dragos’ expert perspective
  • Key indicators of compromise (IOCs) for defenders to utilize


Dragos WorldView Benefits

Immediacy: critical threat alerts inform you of rapidly escalating ICS threat situations
Efficiency: expert threat identification and analysis combats alert fatigue
Effectiveness: reduce adversary dwell time and mean time to recovery (MTTR)
Insight: ICS vulnerability, threat and incident assessments promote informed, timely, and confident decision making


... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
16
13
logo
Offer a reference bonus
0.00

DXC Security Platform

DXC Technology’s Security Platform helps organizations deliver an efficient security response, streamline remediation and clearly visualize security posture. It does so by extending the cloud-based IT service management capabilities of ServiceNow to security teams. This platform combines DXC’s cybersecurity operational processes and advanced workflows together with ServiceNow to automate manual processes and prioritize threats, incidents and vulnerabilities based on their potential impact on the business. Available as a fully managed service through DXC Intelligent Security Operations, the DXC Security Platform ensures continuous monitoring and management of incidents and vulnerabilities by DXC’s 24/7 global Security Operations Centers (SOCs). DXC’s global ServiceNow practice provides consulting services and project accelerators to ensure that organizations improve efficiency and lower costs as they elevate service management to the cloud. Key benefits:
  • Correlation of information on incidents and vulnerabilities to the configuration management database (CMDB) to understand the business criticality, allowing incident responders to work on the most important issues first
  • Workflows that follow National Institute of Standards and Technology best practices for computer/IT security incident handling (NIST SP 800-61r2)
  • Automated post-incident review report that eliminates the need for manual post-mortem reports
  • Automatic triggering of a patching process, configuration changes or other standard workflows, by specific types of security incidents and vulnerabilities
  • At-a-glance dashboards that show executives and analysts the exact status of their overall security posture as well as enable drill-down to a specific incident
  • Indicators of compromise automatically linked with security incidents and vulnerabilities, streamlining and automating the  manual process of threat investigation and incident triage
Extensive collaboration capabilities Built on proven ServiceNow applications for IT Service Management (ITSM), IT Operations Management (ITOM) and IT Business Management (ITBM), DXC’s Security Platform supports forms-based workflow application development and extensive collaboration integrated with workflows, including:

  •     Chat capabilities
  •     Content and knowledge management
  •     Task management

Through increased automation and improved collaboration, security and IT teams can work more closely to hold the entire organization accountable for solving issues quickly. These streamlined processes can help expand the capacity of security analysts and response teams to respond more efficiently to attacks and incidents. As a result, the DXC Security Platform will help reduce overall risks enterprise-wide.

 

Comprehensive support services

DXC offers a complete array of managed security services for cloud, traditional data center, endpoint, identity and network  management. DXC’s Security Platform can be integrated with DXC’s services:
  •     24x7 SOCs for continuous monitoring and management of incidents and vulnerabilities
  •     Cyber assurance for account and security service management
  •     Incident management team for response to user- and machine generated incidents
  •     Managed SIEM
  •     Managed vulnerability assessment
  •     Global threat intelligence
  •     Client ITSM environments, if needed (at additional cost for integration)
  •     Service Desk, if needed (at additional cost)

 

Why DXC?

With 40 years of experience in information security, DXC is one of the world’s few companies that provide end-to-end services to monitor and safeguard systems — from strategic consulting and technical assessments to managed security services.

Key features:


Security Services Catalog and User Ticketing. Allows security teams to manage and respond to user-generated security incidents. Handles incidents raised by users over the telephone, email or the security catalog. Integrates with threat intelligence portal. Requests automation among IT, end users and security teams

Security Information and Event Management (SIEM) Integration. Allows security teams to test, execute and audit security response plans. Handles network- and non-network-related incidents. Integrates with threat intelligence portal. Requests automation among IT, end users and security team. Predefines workflows for common security incidents

Vulnerability Management. Manages vulnerability investigations and aligns remediation activities. Integrates with the National Vulnerability Database. Includes third-party integration with market-leading vulnerability identification solutions. Seamlessly integrates with incident response tasks, change requests and problem management. Predefines workflows for common security vulnerability types

... Learn more
-
-
ROI-calculator
Configurator
ROI-
-
14
20

The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks, problems, availability of ROI calculator or price calculator. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.