Products found: 55
Adlumin's Sentry
- Artificial Intelligence-Based Decisions
- No Rules to Write or Hardware to Manage
- Artificial Intelligence Writes Your SIEM Rules
- 24/7 Network Vulnerability Assessment
- Analyzes Firewall, VPN Log Data, & Network
- Automated Anomaly Interpretation
- User and Device Context/Correlation
- Automated log and Device Ingest
- Critical Server Log Management
- Real-time Intrusion Detection Alerts
- Windows & Linux Server Management
- Cloud and On-premise Ingest
- Integrated Compliance Management (PCI, FFIEC, FINRA)
- Secure & Encrypted Log Management
- Log Data Normalization
- Includes Reports Designed to Hand to Your Financial Auditor
- Risk Management, Visualization, and Analysis
- Automated Reporting for Auditors and Compliance
- Make Decisions in Minutes, Not Days
- Financial Compliance Audit Reports Included
- Know Everything About an Account with 1 Click
- 90-Days of Research Included with SIEM
- 24/7 Anomaly Hunting w/o Hiring Anyone
- Designed for Financial Institutions
- Understand Risk with 1 Button Click
Alcide Kubernetes Advisor
- Kubernetes infrastructure vulnerability scanning
- Hunting misplaced secrets, or excessive privileges for secret access
- Workload hardening from Pod Security to network policies
- Istio security configuration and best practices
- Ingress Controllers for security best practices
- Kubernetes API server access privileges
- Kubernetes operators security best practices
- Deployment conformance to labeling, annotating, resource limits and much more
Allure Security
- Third-Party Monitoring. Know when third parties mishandle or share files outside of policy
- Document Flow Analytics. Uncover file access and sharing patterns both inside and outside of an organization
- Breach & Leak Detection. Be alerted early in the attack cycle if sensitive files are compromised or exfiltrated
- Risk Reports. Schedule monthly reports or generate them on-demand
- Data Loss Forensics. Track data loss back to the source and hold culprits accountable
- Geo Location Enrichment. Enrich file logs with proprietary geo location insights
Amazon Pinpoint
Balabit Blindspotter
Bay Dynamics Risk Fabric
Risk Fabric is a cyber risk analytics platform that calculates the value at risk associated with specific threats and vulnerabilities, and prescribes actions to measurably reduce cyber risk exposure. Using patented contextual data models and user and entity behavioral analytics (UEBA) technologies, stakeholders across the business can now have common metrics that prioritize remediation activities to the risks that matter most.
Key benefits:
- Proactive identification of exploitable critical systems and applications
- Actionable cyber risk insights through correlation of relevant vulnerability and compliance data
- Effective response through prioritization and remediation of vulnerabilities
Bottomline's Cyber Fraud and Risk Management Platform
It empowers security, risk, compliance and investigative teams to:
- Dramatically improve visibility and reduce risk with cross-channel protection that leverages intelligent machine learning, rules based detection, and behavior profiling
- Stay ahead of regulations and protocols through technology infused with deep risk and compliance expertise across industries, payments types and applications
- Easily evolve your payment security program through a highly extensible and flexible platform that advances with your program as needed
Compliance. Accelerate speed to achieve regulatory compliance requirements, while decreasing complexity.
As part of the Cyber Fraud and Risk Management suite, Bottomline’s Compliance solution provides corporations and financial institutions with a powerful end-to-end offering to accelerate the speed to achieve regulatory compliance requirements while decreasing complexity.
Whether the need is around modernizing an anti-money laundering program, achieving more reliable sanctions screening, improving payments monitoring, highlighting settlement exposure, or automating suspicious activity reporting to meet regulatory requirements, Bottomline’s Compliance solution offers a modular approach to reducing the cost of compliance and increasing productivity.
Secure Payments. Protect payments across a variety of applications, channels, and payment types.
Bottomline’s Secure Payments solution protects payments across a variety of applications, channels, and payment types.
Whether it is one business critical application, channel and payment type, or a variety, our highly flexible and extensible platform delivers proven protection against payment fraud through advanced analytics of user behavior and transaction flows layered with intelligent machine learning, reducing risk for some of the largest corporations and financial institutions in the world.
User Behavior Analytics. Quickly identify and stop anomalous user activity through rich fraud analytics.
Bottomline’s User Behavior Analytics solution quickly identifies and stops anomalous user activity through intelligent machine learning, rules based detection, and years of experience protecting some of the largest corporations and financial institutions in the world.
The solution captures all user behavior in real-time across all vital systems and provides protection for both external threats in which user credentials have been compromised and internal threats from authorized users.
Powered by an analytics engine, statistical profiling of users and peer groups, alert correlation that includes predictive risk scoring and the ability to visually replay all user activity, the solution is purpose built for today’s threat landscape.
Carbon Black (CB) LiveOps
By providing administrators with real-time query capabilities from a cloud-native endpoint protection platform, CB LiveOps enables teams to make quick, confident decisions to improve their security posture. CB LiveOps closes the gap between security and operations, allowing administrators to perform full investigations and take action to remotely remediate endpoints all from a single solution.
Key Capabilities
Single Agent, Cloud Platform. CB LiveOps is built on the PSC, a cloud-native endpoint protection platform that offers converged prevention, detection, and response with additional services that can be activated as you need them, using the same converged agent, without any additional deployment or infrastructure.
On-Demand Queries. CB LiveOps gives your Security & IT Operations team visibility into even the most precise details about the current system state of all endpoints, enabling you to make quick, confident decisions to reduce risk.
Immediate Remote Remediation. CB LiveOps closes the gap between security and operations, giving administrators a remote shell directly into endpoints to perform full investigations and remote remediations all from a single cloud-based platform.
Simplified Operational Reporting. CB LiveOps allows you to save and re-run queries to automate operational reporting on patch levels, user privileges, disk encryption status and more to stay on top of your ever-changing environment.
FEATURES
- Pre-Built Recommended Queries
- Easy query builder
- SQL query (open text field)
- Copy & Re-run Queries
- Save and favorite queries
- Email notifications
- Filter and group results
- Data export
- Secure shell for remote remediation
- Two-way API
Carbon Black (CB) ThreatSight
- Threat validation
- Email alerting
- Root cause analysis
- Threat advisories
- Monthly reporting
CounterTack Predictive EPP
- Detect the Most Threats. Endpoint Protection Platform automatically collects and analyzes behavioral data on disk, in the OS and in memory to detect threats that evade other solutions
- Predict What Threats Will Do. It combines Predictive Analytics with advanced Machine Learning, to analyze threat capabilities and predict threat intentions with near zero false positives
- Automatically Mitigate Threats. Automatic mitigation actions delay and prevent the spread of threats to other endpoints on the network
- Advanced Mitigation Services. GoSecure combines Predictive EPP with threat hunting and mitigation expertise to help Security Teams protect their sensitive data and business operations
Crypteia Networks MOREAL
- A new layer of defence, complementing existing ones and maximizing value of network logs already generated & collected by your clients
- Non-intrusive and scalable cloud-based solution for rapid deployment
- Threat aggregation and behavioural analysis identifies threats in their infancy
- Real-time mitigation recommendations
- New visibility into existing security systems and hardware
- Utilizing advanced behavioural analytics and machine learning to help distinguish real threats from ones that cause non-productive, costly actions
- Generating actionable reports via a single intuitive dashboard
- Viewing network / security health and utilisation in real-time
- Leveraging a global threat database that uses Big Data Analytics and crowd sourcing to identify emerging threats
- Using advanced correlation engines for known and unknown threat identification, now penetrating and potentially already existing in your clients’ network
- Deploying enhanced security simply and quickly via a pure cloud solution, with an on-prem option available
Cybereason Platform
Cybereason Offerings
Deep Hunting Platform. The Cybereason Deep Hunting Platform delivers endpoint detection and response (EDR), next-generation antivirus (NGAV), managed threat hunting, and threat intelligence, all in one solution and one single lightweight sensor.
Built using Cybereason's proprietary cybersecurity data analytics architecture, the platform focuses on collecting and analyzing behavioral data and correlating disparate data points to identify malicious operations and facilitate immediate action. The Cybereason Deep Hunting Platform doesn't simply secure your data; it leverages your data to secure.
Cybereason Complete Endpoint Protection. Implement comprehensive endpoint protection with Cybereason’s Complete Endpoint Protection platform. The solution integrates the power of EDR and next-generation antivirus (NGAV) so you can replace your legacy AV with a single advanced endpoint solution.
- Combination of centralized and endpoint-side analytics
- Behavioral analysis in the Cybereason Hunting Engine
- Full attack lifecycle protection
- Single sensor and single Response Interface
Cybereason RansomFree. Keep your personal files safe from ransomware with Cybereason RansomFree. Built on the same Cybereason detection methodology, RansomFree is protection software designed to detect and stop ransomware from encrypting your files. With a mission to help everyone – not just large enterprises, it provides RansomFree at no cost because protection should be accessible to everyone.
Cynet 360
Cynet 360 is an advanced threat detection and response platform that accurately detects sophisticated cyber-attacks such as Advanced Persistent Threats (APT), advanced malware, trojans, ransomware and zero-day attacks that may be lurking in an organization.
Cynet’s full enterprise visibility of endpoint and network activity allows it to detect threat indicators across the attack chain. Through continuous monitoring across files, user behaviors, network traffic, and endpoints, behavioral and interaction indicators are assessed to give a complete picture of an attack operation over time.
Cynet’s machine learning algorithms constantly profile what’s normal for a monitored environment; observed anomalies, threat indicators, suspicious traffic, and decoy interactions are correlated and enhanced with Cynet’s Threat Intelligence Cloud to provide true alerts of security incidents with risk levels for rapid response triage.
Driven by a light-footprint sensor agent, Cynet can be rapidly deployed to thousands of hosts with Windows, Mac OS, or Linux OS with no impact to the user. Automatic or manual response can be done through a single interface, enabling the remediation of affected hosts by killing processes, verifying files with dynamic analysis, blocking traffic, removing files, restarting hosts, changing passwords and more. Advanced forensic capabilities reveal direct threat evidence on an affected host, and associate the host with processes, users and network traffic data.
Cynet CyOps delivers additional value to the Cynet 360 platform with 24/7 insight and intelligence. Staffed by an elite group of cyber threat analysts and investigators, Cynet’s CyOps is an extra set of expert eyes dedicated to continuously monitor, prioritize and respond to threats.
Darktrace The Enterprise Immune System
- Market-leading AI cyber-threat detection in the Cloud;
- Detects, classifies and visualises cyber-threats that evade other defences;
- Self-learning technology - world-leading machine learning and AI;
- Not reliant on historical attacks to predict new threats;
- Models understanding of what 'normal' enterprise behaviour looks like;
- Detects threats emerging in real-time;
- Detects insider threat, low-and-slow attacks, automated viruses;
- Self-adapting as the organisation changes: no tuning or reconfiguration;
- New threat identification, irrespective of threat type or attacker;
- Rapid identification of anomalous activity providing early threat warning.
- Adaptive - evolves with your organisation;
- Self-learning - system constantly refines its understanding of 'normal';
- Probabilistic - works out the likelihood of serious threat;
- Realtime - spots cyber threats as they emerge;
- Works from day one - delivers instant value;
- Low false positives - correlation of weak indicators;
- Data agnostic - ingests all data sources;
- Highly accurate - models humans, device and enterprise behaviour;
- Installs in 1 hour - minimal configuration required;
- Passive monitoring to model 'pattern of life' usage (non-disruptive).
DNIF User Behavior Analytics
DNIF User Behavior Analytics provides early visibility to malicious insider threats and risky behavior on your network based on user behavioral anomalies. DNIF outperforms in known, unknown, real-time threat detection and helps organizations improve analyst productivity. Together DNIF SIEM and DNIF User Behavior Analytics can be a powerful tool to swiftly address the most sophisticated threats and accelerate investigations. It is built on ElasticSearch and monitors user behavior efficiently and effectively. It optimises detection profiles for users and entities to detect suspicious behavior and react quickly with 3rd party API lookups.
Key Talking Points:
- Detect outliers based on user account activity.
- Using profilers, set dynamic baselines.
- Detect and normalize user activity trends.
Dragos Industrial Cybersecurity Platform
IDENTIFY ASSETS
Deep packet inspection (DPI) of ICS protocols, traffic, and asset characterizations, ability to consume host logs and controller events, and integrations with ICS assets such as data historians provide a complete view of ICS environments.
DETECT THREATS
Complex characterizations of adversary tactics, techniques, and procedures through threat behavior analytics pinpoint malicious activity on ICS networks and provide in-depth context to alerts.
RESPOND
Expert-authored investigation playbooks and case management guide defenders step-by-step through the investigation process to enable independence and transfer knowledge from our team to ICS defenders.
Benefits:
- Significantly reduce time to identify and inventory all assets and traffic on your network
- System-generated asset maps and reports provide consistent, time-driven views that are accurate, up-to-date, and thorough
- Automatic classification of assets based on behavior
- Set one or more baselines and get notifications when specific changes or anomalies occur in the environment over time
- Recognize new or rogue assets as they appear; identify assets that have disappeared from the network
- Powered by human-based intelligence that identifies adversary tradecraft and campaigns
- No bake-in or tuning period required; threat behavior analytics work immediately upon deployment
- Detect threats not simply as anomalies to investigate, but with context that guides effective response
- Notification filtering provides a risk-based approach to management
- Playbooks codify incident response and best-practice workflows developed by Dragos experts
- Manage incidents and cases from the same console cross-team
- Clear Indicator of Compromise reports guide attention to vulnerable assets
- Easily monitor case, notification, and analyst activity, as well as system-level health and status
- Splunk, QRadar, Pi Historian, LogRhythm, Syslog, Windows Host Logs
Dtex Systems Advanced User Behavior Intelligence
The Dtex Platform is advanced user behavior intelligence that provides enterprise organizations with the critical intelligence that will help them detect and prevent insider-related breaches and, as a result, save organizations millions of dollars. It is used by enterprises worldwide, including companies such as Allianz, Aston Martin Racing, Eni/Saipem, Mizuho Bank and Sanyo. In February 2017, the Dtex Platform was recognized as the Leader in Insider Threat Detection by Cyber Defense Magazine.
Insider threats continue to pose a major risk in the modern cybersecurity landscape. To detect and prevent insider threats, enterprises need visibility and intelligence into user behavior.
Negligent users unintentionally risk security by attempting to find convenient productivity solutions, misunderstanding security practices, or through human error. Employees with malicious intent try to steal sensitive data or intellectual property. Advanced user behavior intelligence can catch these users, even when they are trying to cover their tracks, by identifying and alerting on behaviors that indicate a user may be trying to bypass company network controls or extract proprietary data. By using the industry’s most comprehensive library of thousands of known user threat behavior patterns, advanced risk modeling and combined risk scoring, Dtex enables security teams to determine exactly how sensitive data and valuable IP left the organization and who perpetrated the attack without excessive false positives.
The Dtex Advanced Behavior Intelligence Platform is scalable enough to be deployed enterprise-wide without negative impact to network performance. It provides complete visibility into everything users do on their work devices – on and off the corporate network – without compromising user privacy. In addition to the thousands of already known patterns of bad behavior, the analytics engine quickly establishes baseline individual user patterns and gives actionable, contextual alerts when anomalies are found. Dtex helps eliminate insider threats, protect against outside infiltrators, and find gaps in existing security controls.
Dtex is a unique solution. It is lighter and more visibility-focused than DLP, cuts through the noise more effectively than SIEM, and bases its analytics on endpoint visibility that most out-of-the-box UEBA solutions are blind to. It’s the combination of thorough endpoint visibility and intelligent, adaptive analytics that is perfectly poised to fill the gaps and weaknesses of other security systems.
Elastic Stack
- detecting advanced security threat activities and anomalies in log data,
- discovering hidden fraud patterns in highly sensitive data,
- identifying anomalous systems or metrics and their root causes across IT systems,
- linking together complex series of events in data to expose early warning signals,
- automatically pinpointing where and why critical system outages are occurring,
- detecting unexpected drops in transactional activity, and much more.
Exabeam Advanced Analytics
Featurespace ARIC™ Platform