
Gigamon Deep Observability Pipeline App for Sumo Logic

Strengthening Security Using Network-derived Intelligence from Gigamon Deep Observability Pipeline to Sumo Logic


Visibility into all network traffic

Gain full visibility and expand data points to gather and visualize rich metadata attributes from the network, covering 3000+ applications and 5000+ attributes.

Compliance

Adversary Network Activity and Network Events

The integration delivers adversary activities and behaviors in the form of detections, observations, and aggregations of network events.

Discover new assets and applications

With the ability to see all traffic in the network, this solution can gather all DHCP and IP-related transactions and identify attributes as granular as DHCP Hostname and DHCP Offer with MAC address, making it easy to discover any new assets on the network.


Application Overview and Suspicious Traffic

This dashboard provides an overview of all applications from a network perspective and identifies any suspicious apps, such as BitTorrent or potential cryptojacking.


SSL Ciphers and expiring certificates

The dashboard shows the overall usage of SSL ciphers in the environment and identifies any weak ciphers in use. The other part shows the TLS certificates expiring in the near term.


DNS Queries, SMB File Movement, DHCP IP and Hostnames, and HTTP Codes

The DNS Queries dashboard helps identify whether any internal host is talking to outside DNS servers (a common case in C&C attacks). SMB File Movement shows any files moving on the network over SMB, so unusual file movement can be noticed. DHCP IP and hostnames help identify any OT/IoT devices on the network. HTTP response codes help track performance.