Products found: 67
A10 THUNDER®TPS
AhnLab EPS
- Proactively protects against unknown malware
- Prevents malware-induced security breaches
- Provides system stability without requiring signature or patch updates
- Eliminates interruptions caused by malicious or unauthorized software
- Operates around the clock without the need for constant maintenance
- Allows simple administration and implementation
- Reduces system and data restoration costs by preventing malware damages
- Reduces time and costs required for system security and maintenance
Allot Communications Secure Service Gateway
- See how well your mission-critical applications are performing and supporting user productivity
- Control application performance and improve Quality of Experience according to business priorities
- Keep malicious or unauthorized user/application traffic off your network
- Neutralize threats and ensure ongoing performance of business applications
- Enforce Acceptable Use Policy for shadow IT, BYOD, resource usage
- Troubleshoot and resolve network issues in real time
- Simplify and automate your operations
- Reduce opex and TCO
Argus Connected ECU
KEY BENEFITS
- AUTONOMOUS. Prevents attacks in real-time without connectivity to the outside world or human intervention.
- MULTI-LAYERED. Provides multiple independent protection layers, to defend against all types of attacks.
- AUTOMOTIVE-GRADE. Built for the automotive industry and addresses unique automotive security challenges.
- CONTROL FLOW INTEGRITY (CFI). Prevents exploitation of vulnerabilities, by ensuring that the ECU program does not deviate from its expected execution flow.
- SYSTEM LIMITER. Prevents unauthorized commands and resource access with an automotive-grade mandatory access control.
- PLATFORM INTEGRITY. Prevents and blocks unauthorized software from running on the ECU by validating the software at boot and during runtime.
- SECURITY LOGGER. Collects and securely stores security events from each module, and from other data sources in the ECU, for further analysis by the OEM.
- THREAT DETECTION. Prevents attacks in real-time, by identifying and responding to suspicious behavior across the ECU that may indicate an unknown attack.
- ECU FIREWALL. Prevents attacks from spreading to the in-vehicle network by blocking malicious communications using Deep Packet Inspection.
KEY FEATURES
- Supports Linux, QNX, and Android operating systems
- Saves time with seamless integration and easy configuration
- Designed for easy reuse across ECUs
- Consumes minimal system resources
- Supports future module activation
Avocado Systems Platform
- One Touch Segmentation. Deterministic threat detection at the web, application and database tiers.
- Zero Policies. Highest resolution application of the pico segmentation without any policy.
- Platform Agnostic. Bare metal, virtualized, containerized, and server-less platforms.
Carbon Black (CB) ThreatHunter
CB ThreatHunter is an advanced threat hunting and incident response solution delivering unfiltered visibility for top security operations centers (SOCs) and incident response (IR) teams.
CB ThreatHunter is delivered through the CB Predictive Security Cloud (PSC), a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.
By leveraging the unfiltered data collected by the PSC, CB ThreatHunter provides immediate access to the most complete picture of an attack at all times, reducing lengthy investigations from days to minutes. This empowers teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers can.
Along with unfiltered visibility, CB ThreatHunter gives you the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.
Key Capabilities
Complete Endpoint Protection Platform
Built on the CB Predictive Security Cloud, CB ThreatHunter provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.
Continuous & Centralized Recording
Centralized access to unfiltered endpoint data means that security professionals have all the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.
Attack Chain Visualization & Search
CB ThreatHunter provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to avoid falling victim to the same attack twice.
Live Response for Remote Remediation
With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.
Automation via Integrations & Open APIs
Carbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like CB ThreatHunter into their existing security stack.
Centripetal Networks CleanINTERNET
- Lowers false positives through bulk enforcement of millions of complex IOC rules, pared down from hundreds of millions of indicators
- Greatly reduces event volume through intelligence-based filtering and data aggregation
- Converts indicators to action on a continuous basis, as intelligence feeds are dynamically updated
- Organizations cannot apply threat intelligence at-scale
- High latency rates limit real-time prevention of known threats. Less than 1% of compromise indicators are persistently applied to an organization’s defense
- Eradicate threats based on threat intelligence enforcement
- Focus on investigating the 10% of threats that are unknown
Without a single platform that can process the amount of threat intelligence necessary to actively defend the business, security teams have been struggling. Firewalls and IPS systems are not the answer.
Centripetal has solved this problem with its invention of the Threat Intelligence Gateway. This solution fundamentally changes how cyber teams filter bad traffic based on intelligence, allowing them to:
Check Point Intrusion Prevention System Software Blade
- Next-generation security prevention, protection and performance
- Industry-leading intrusion protection and firewall, as tested by NSS Labs, delivers 1,000s of signature, behavioral and preemptive protections
- Check Point is ranked #1 in Microsoft and Adobe threat coverage
- Combines with best-of-breed firewall, application control, URL filtering, DLP and more on the most comprehensive, network-class next gen firewall
- Unrivaled, multi-Gigabit performance in an integrated IPS
- Up to 15 Gbps of IPS and 30 Gbps of firewall throughput
- Stateful Inspection and SecureXL technology deliver multi-tier IPS inspection and accelerated IPS throughput
- CoreXL technology provides the most efficient and high-performance use of multi-core technologies
- Lowest TCO and fastest ROI of any enterprise-class firewall solution
- One-click activation of IPS and firewall protection on any Check Point gateway
- Delivers unmatched extensibility and flexibility—all without adding CapEx
- Integrated into Check Point Software Blade Architecture for on-demand security
- Malware attacks
- DoS and DDoS attacks
- Application and server vulnerabilities
- Insider threats
- Unwanted application traffic, including IM and P2P
- Geo-protections
- New protections sandbox – Build confidence in a ‘sandbox’ environment with no impact on your network.
- Automatic protection activation – Activation of new protections, based on configurable parameters (performance impact, confidence index, threat severity). The difficulties of constant, individual management of thousands of protections are eliminated.
- Unified Management – The IPS blade is configured and managed through a common Check Point management interface—the same one used to manage other security gateway Software Blades and Check Point dedicated IPS.
- Configurable, actionable monitoring – Track events through detailed reports and logs of what is most important. The new Security Management Software Blade for IPS and Security Provisioning Software Blade simplify threat analysis and reduce operational overhead.
- Business-level views – Customizable reports provide easy monitoring of critical security events associated with your business-critical systems.
- Multi-dimensional sorting – Drag-and-drop columns of event data and the information will be automatically re-ordered.
- Actionable event logs – Edit the associated protection, create an exception or view packet data directly from log entries.
Claroty Continuous Threat Detection
- Rapidly detect industrial operations risk, enhance cyber resiliency, and minimize unplanned downtime
- Prevent impact to physical processes, expensive industrial equipment or injuries to people
- Quickly deploy and scale across multiple sites and reduce overall management costs
Cleafy
- Patented Full Content Integrity (FCI) continuously verifies full application integrity (DOM/XHR/API)
- Deep threat visibility – automatic extraction of threat evidence (e.g. malicious web-injects and mobile apps)
- Patented Dynamic Application Encryption (DAE) to enable safe transactions from infected endpoints
- Client-less - no agent deployed and passive mobile SDK – no touch of application backend infrastructure
- User-transparent – no impact on end-user experience, content delivery and endpoint performance
- Application-independent - no changes required to application code – no re-training upon new releases
- Open architecture and comprehensive REST APIs – integrates any Transaction Monitor, Case Mgmt, SIEM
- Scalable to continuously monitor full application perimeter and analyze millions of events/day
- Deployed either on-premise or over the Cloud
Coronet SecureCloud
Threat Protection
- Ensure Control over who has access to the cloud platforms, and where from
- Ensure GDPR, HIPAA, SOX compliance, and detect PII, PHI, and EDR automatically
- Block compromised devices from accessing corporate data in the cloud resources
- Control what users can do, and who they can collaborate with
- Prevent malware spread through cloud usage (such as file sharing)
- Provide visibility into activity in the cloud, the devices used, and the data that was shared
- Detect and mitigate advanced cloud-to-cloud attacks
SecureCloud device authentication
With SecureCloud, an organization can not only enforce fine-grained access control to a cloud service, but also create and enforce a policy that prohibits access from unmanaged devices with no active Coronet agent running. SecureCloud uses federated user authentication processes, such as SAML, that put the SecureCloud service in the path of SaaS applications. Each authentication request is steered to the SecureCloud authentication proxy that performs pre-authentication risk assessment based on user, device and service security postures and makes context-based access decisions.
Location based defense
Many organizations require that sensitive information and services only be accessed on premises or in secure locations. SecureCloud includes sophisticated location resources management and turns raw geo-location data into geo-spatial intelligence, leveraged in access control, threat prevention and data control.
Threat prevention
Additionally, the administrator can mark a named location as trusted or risky (white and black list). For a conditional access policy, the trusted or risky locations are yet another filter option available for conditional access policy definition. Named locations are also important for the reduction of false positives during detection of impossible travel and atypical locations risk events. SecureCloud identifies, mitigates, and automatically remediates threats across cloud services. It monitors activity patterns in the cloud, determines the behavioral models and establishes baselines. Upon connection of a cloud service, all cloud activity is scored according to various predefined risk factors. SecureCloud inspects every user session and takes automatic remediation actions when something happens that is different from either the baseline or from the user’s regular activity. In this manner, SecureCloud continues evolving its models as it observes new and often unusual behavior without human intervention. These capabilities set SecureCloud apart from traditional approaches that require an unreasonable number of manual updates to ensure accurate threat detection.
CSPi Aria Software Defined Security
Curtail Security ReGrade
- Verifies quality of software upgrades and patches using real production traffic
- Prevents costly rollbacks and cumbersome staging
- Enables regression testing in development, QA, and production
- Spots differences in content, metadata, application behavior and performance
- Speeds debugging with packet capture and logging
Cyber adAPT skwiid
- Patented Technology. Consistently finding threats that others don’t
- Automatically And Quickly Detect Threats. Finding threats that have evaded perimeter defenses
- Experienced Development Team. Decades of cyber security experience
- Industry Leading Research Team. Using unique Intellectual Property to find, analyze, and identify the latest attacks updating our systems in the field daily
- Simple, Non-Intrusive, Highly Scalable, Low Cost Installation. With a variety of deployment and professional service options
- Subscription Based Pricing Model. Cost effectively delivers cyber security as a service to any size enterprise
CyFIR
- Remote. Forensically access computing endpoints across your entire enterprise from a single workstation.
- Live. Search the content of your files for keywords, matching patterns, and more with results appearing as they’re found.
- Speed. Virtually instantaneous forensic-level access to endpoints even in low bandwidth environments.
- Visibility. Near real-time visibility and extraction of RAM, live file systems, deleted data, and unallocated disk space content across your network.
- Accuracy. Comprehensive search and detection capabilities deliver forensically-sound analysis – ensuring good cyber hygiene and improving the fidelity of enterprise-wide queries.
- Integration. Perform forensic tasks without network downtime or user interruption, even when searching Microsoft Exchange mail servers.
- Compatibility. Access forensic artifacts from most versions of Microsoft Windows Workstations / Servers / Point of Sale, macOS, and Linux Systems including data and malware processes obscured by a compromised OS.
CyOPs Platform
Incident Management
Distinguishing Real Threats From Endless Alerts
Real threats are often overlooked, largely as a result of the copious amount of alert notifications that accumulate daily. CyOPs Automated Intelligent Triaging enables Security Analysts to efficiently uncover these important alerts, prioritizing them based on severity, asset, intelligence, and frequency. To investigate alerts more efficiently, it’s very important to be able to understand and review data in a consumable manner. CyOPs Case Management solution understands the need to manage data effectively and provides options to:
- Manage Alert and Incident Listings in a filter-able grid view
- Ability to add mini-dashboards on each grid to gain visibility into the bigger picture and understand trends
- Ability to define new modules, unlike any other SOAR offering, with customization of modules such as fields, views, and permissions
- Visual layout editor to define custom views, data models, fields, and grids
CyOPs for MSSPs
Integrate All Your Security Tools
Enterprise-level SOCs leverage a multitude of products and tools to effectively resolve incidents and fulfill compliance requirements. CyOPs caters to our clients’ specific environment needs due to the customizability of product, which results in greater efficiency, eliminated alert fatigue, and maximizes their ROI. The CyOPs Integrations Repository has over 280 available integrations, enabling users to automate their entire security stack behind a single pane of glass.
A unified console built on the only enterprise multi-tenancy architecture.
- Obtain a complete overview of all your customers (tenants) in a single unified CyOPs master console.
- Filter views by customers, to understand the customer’s current state
- Assign and adhere to the Roles and Permissions assigned to each tenant
- Create customer specific alert and incident views
- Robust and scalable architecture for load-balancing usage
Role Based Custom Dashboards
Insight From Multiple Perspectives
CyOPs offers customers enterprise dashboards enabling better decision making.
- Choose from multiple canned dashboards from multiple perspectives
- Export and import dashboard templates
- Export dashboard views as PDFs
Full Role-Based Access Control
- Assign multiple roles to each dashboard to control visibility across the team.
- Ability to assign roles and permissions to dashboard templates
- Ability to make selected dashboards as default for all system users
- Ability to create user-specific dashboards and reports
Reporting
Library of Out-of-the-box Reports
- Leverage the CyOPs Report Library for a quick start with many commonly used reports
- Use ready-made reports like Incident Closures, Alert Closures, IOC Summaries etc.
- CyOPs Support Portal using Report Import functionality
- Customize out-of-the-box reports for organization-specific metrics
- Export Reports in CSV & PDF Formats
Queue Management
Create Dedicated Queues
Leverage the built-in CyOPs Queue Management to handle automatic work assignments across multiple queues and teams
- Create multiple queues across multiple teams
- Add multiple team members to each Queue
- Define logical rules for auto assignments to a specific member or team
- Option to add work tasks manually to any queue
Manage SOC Shift Change With Ease
Streamline SOC Team Onboarding & Management
CyOPs™ enables new SOC team members to start making an impact right away due to its ease of use and ability to retain information from previous employees. Standardized trackable and repeatable processes result in a more efficient onboarding plan for new SOC team members. Create standard automated response processes using the most versatile enterprise drag-and-drop CyOPs Playbook builder that not only retains team knowledge but also shortens incident response times. Maximize your team and security stack with CyOPs™ automation.
- SOCs that work in multiple shifts perfect shift changeovers with ease
- Create multiple queues for different shifts
- Define rules for assigning alerts and incidents based on the timezone
- Obtain snapshots of a shift’s queue to better understand task status
- Option to add manual tasks to any queue or team member
Deceptive Bytes
- Prevents unknown and sophisticated threats
- Very high prevention and detection rates
- Real time detection & response
- System-wide protection with pinpoint handling
- Deploys in seconds & Easy to operate
- Low resource usage (CPU, memory & disk) - No UX impact
- NO constant updates
- Operates in stand-alone/disconnected & VDI environments
- Stops millions of threats using only 1 evasion technique
- High stability - operates in User-mode
- Triggering high-fidelity alerts
- Low to non-existing false positive rate
Defence Intelligence Nemesis
- Real time monitoring of your DNS traffic
- Ruleset creation and customization; add your own blacklists or whitelists to enhance rule application
- User access control and activity logs
- Customizable report generator
Dragos WorldView
WorldView threat intelligence feeds, alerts, reports, and briefings provide deep, context-rich insight, illuminating the malicious actors and activity targeting industrial control networks globally. This knowledge enables ICS defenders to make both tactical decisions and strategic recommendations on ICS cybersecurity quickly, and with confidence.
Dragos WorldView provides National Grid with clearly articulated intelligence, backed by evidence and specific information to help us mitigate threats. The clear understanding Dragos has of the environment in which we operate, allows us to cut through the hype around many potential industry vulnerabilities, so we can focus on the ones that matter most as we look after vital infrastructure and ensure supply to our customers.
National Grid
Dragos WorldView Content
- ICS-themed malware identification and analysis
- ICS vulnerability disclosures and analysis
- ICS adversary behavior trends
- ICS threat/incident media report analysis and commentary
- Cybersecurity conference presentations and researcher discoveries with Dragos’ expert perspective
- Key indicators of compromise (IOCs) for defenders to utilize
Dragos WorldView Benefits
Immediacy: critical threat alerts inform you of rapidly escalating ICS threat situations
Efficiency: expert threat identification and analysis combats alert fatigue
Effectiveness: reduce adversary dwell time and mean time to recovery (MTTR)
Insight: ICS vulnerability, threat and incident assessments promote informed, timely, and confident decision making
DXC Security Platform
- Correlation of information on incidents and vulnerabilities to the configuration management database (CMDB) to understand the business criticality, allowing incident responders to work on the most important issues first
- Workflows that follow National Institute of Standards and Technology best practices for computer/IT security incident handling (NIST SP 800-61r2)
- Automated post-incident review report that eliminates the need for manual post-mortem reports
- Automatic triggering of a patching process, configuration changes or other standard workflows, by specific types of security incidents and vulnerabilities
- At-a-glance dashboards that show executives and analysts the exact status of their overall security posture as well as enable drill-down to a specific incident
- Indicators of compromise automatically linked with security incidents and vulnerabilities, streamlining and automating the manual process of threat investigation and incident triage
- Chat capabilities
- Content and knowledge management
- Task management
Through increased automation and improved collaboration, security and IT teams can work more closely to hold the entire organization accountable for solving issues quickly. These streamlined processes can help expand the capacity of security analysts and response teams to respond more efficiently to attacks and incidents. As a result, the DXC Security Platform will help reduce overall risks enterprise-wide.
Comprehensive support services
DXC offers a complete array of managed security services for cloud, traditional data center, endpoint, identity and network management. DXC’s Security Platform can be integrated with DXC’s services:
- 24x7 SOCs for continuous monitoring and management of incidents and vulnerabilities
- Cyber assurance for account and security service management
- Incident management team for response to user- and machine-generated incidents
- Managed SIEM
- Managed vulnerability assessment
- Global threat intelligence
- Client ITSM environments, if needed (at additional cost for integration)
- Service Desk, if needed (at additional cost)
Why DXC?
With 40 years of experience in information security, DXC is one of the world’s few companies that provide end-to-end services to monitor and safeguard systems, from strategic consulting and technical assessments to managed security services.
Key features:
Security Services Catalog and User Ticketing. Allows security teams to manage and respond to user-generated security incidents. Handles incidents raised by users over the telephone, email or the security catalog. Integrates with threat intelligence portal. Requests automation among IT, end users and security teams
Security Information and Event Management (SIEM) Integration. Allows security teams to test, execute and audit security response plans. Handles network- and non-network-related incidents. Integrates with threat intelligence portal. Requests automation among IT, end users and security team. Predefines workflows for common security incidents
Vulnerability Management. Manages vulnerability investigations and aligns remediation activities. Integrates with the National Vulnerability Database. Includes third-party integration with market-leading vulnerability identification solutions. Seamlessly integrates with incident response tasks, change requests and problem management. Predefines workflows for common security vulnerability types
The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks, problems, availability of ROI calculator or price calculator. Find the right business solutions by using a neural network search based on the results of product deployments in other companies.