Category Archives: vendors
The number of new attacks is growing every day. The time required to generate signatures for new attacks varies from days to months due to the enormous number of new attacks. Traditional approaches, such as customer-side protection with static and dynamic analysis and anomaly detection, are not sufficient for handling today’s new threats. Intelici AI-based technology computes a digital representation of a particular software object, hereafter referred to as a footprint, based on the traces of that object in the Internet traffic as observed by an ISP (or collection of ISPs). Extracted carrier-level footprints allow us to follow malware propagation patterns in the network. Early identification of new malware by its footprint shortens the detection time, which is a huge advantage compared to IDS products today. Unlike all state-of-the-art solutions, the Intelici footprint representation is not inferred from the content of the traffic flows but rather from the source-destination network induced from the mere existence of the flows.
Intelici technology is used in three different hot-topic segments:
- Malware detection system in the large-scale network.
- Disinformation detection in social networks.
- Viral campaign detection in SMS and WhatsApp for mobile operators.
- Ability to detect and filter out only malicious traffic flowing into or from your network.
- Flexible detection engine with support for DoS/DDoS attack types: amplification (NTP, SNMP, SSDP, DNS, GRE, chargen and others), floods (UDP, TCP, ICMP), attacks on the TCP protocol (SYN, SYN-ACK, FIN floods), attacks on the IP protocol (fragmented packets) and others, including support for multi-vector attacks.
- Very fast detection time: 1 second for sFlow 5 and port mirror mode, and 5-45 seconds for NetFlow/IPFIX (depending on device model).
- Scalable up to Terabits (multiple existing deployments with 1+ Tbps of traffic).
Fidelis Elevate provides a terrain-based cyber defense that shines a light on the blind spots in your environment and calculates your vulnerable attack surface. Now you know what to protect and the most probable paths of data exfiltration, command and control, surveillance and more. And through the network and endpoint metadata that we collect, you gain the content and context required for real-time and retrospective analysis that is critical for detection, threat hunting, and response.
WireX automates analysis efforts so that security professionals at all skill levels (security managers, SOC operators, analysts and incident responders) can make faster and more informed decisions based on the actual content of network conversations, rather than just the metadata.
Route monitoring has been our primary service for many years. BGPmon has evolved over time and is recognized for its accuracy, speed and feature richness. The BGPmon route monitoring service alerts you to anomalies with any of your prefixes, policy violations, instability, ROA validation failures and more. It also provides reporting features such as the daily routing report customized for your networks.
Domain Name System (DNS) is used for every transaction on the Internet, good or bad. Farsight Security, Inc. provides a comprehensive set of solutions that provide real-time and historical information about the ever-changing global DNS. By enriching your existing threat intelligence with our data, you can more quickly detect, respond to and prevent the next cyberattack and protect your business.
Farsight DNSDB is the largest, most proven real-time and historical collection of Passive DNS data available in the market today. DNSDB can provide information about threat actors and their motives by answering such questions as: What domain names map to “this” IP address, now and in the past? When was “this” name first used and by whom? What domain names share this same MX record? Learn more about our latest integration with Splunk and how DNSDB works.
FireEye Network Security (NX) solutions protect against known and unknown advanced attacks with the signature-less Multi-Vector Virtual Execution™ (MVX) engine, a conventional intrusion prevention system (IPS) and intelligence-driven detection. This enables faster detection, more accurate alerts and reduced noise. Identifying threats that traditional security solutions can’t allows you to focus on alerts that pose a genuine threat and reduce the operational cost of false positives.
SoleGATE Email Protector is a virtual appliance, installed in the cloud or on-premises, that detects and prevents cyber-attacks over the email attack vector before they even enter the organization’s internal networks. One of the SoleGATE Protection Platform modules, SoleGATE Email Protector is powered by the Solebit DvC Engine and uses patent-pending static analysis technology to inspect email traffic for hidden code inside data objects, providing a conclusive result for each scanned email.
Solebit SoleGATE platform uses an innovative non-behavioral and conclusive approach to cybersecurity protection.
Solebit’s patent-pending DvC technology detects hidden code within data objects, regardless of the data object type and what the code looks like, then blocks the data object from entering the organization.
If a stream includes code, it stays out.