ThreatResponder® Platform

Do you rely on alerts from your security devices before you take action? At this point, are your actions too late? Why not detect, respond, and neutralize the threat in real-time?

ThreatResponder® Platform is an All-in-One Threat Intelligence, Analytics, Detection, Prevention, Response, and Hunting platform that provides 361° threat visibility of your enterprise.

Modules

ThreatResponder® has three applications that are offered together or as separate products: Data+Forensics Analytics, Threat Intelligence Platform (“TRIP”), and User Behavior Analytics Engine.

361° Threat Visibility

To provide 361-degree threat visibility of your enterprise, ThreatResponder® collects data from online and offline systems, including the following:

  • Real-time data collection from millions of endpoints such as Windows, Mac OS, and Linux/UNIX
  • Incident Response data such as RAM, Registry, MFT, Event Logs, Browsing History, DNS Cache, Scheduled Tasks, and Prefetch
  • Network Packet Captures
  • Internet of Things (IoT) devices
  • Security Devices (such as SIEM, IDS/IPS, Firewalls, Netflow)
  • Enterprise Logs (such as Web, Proxy, Syslog, Netflow)
  • The wild!

ThreatResponder® Capabilities Snapshot

One Platform with Infinite Capabilities – Threat Intelligence, Analytics, Detection, Response, Prevention, and Hunting

  • Data + Forensics Analytics
  • User Behavior Analytics
  • Threat Intelligence Platform (“TRIP”)
  • Incident Response (Data Collection/Analysis)

361° Threat Visibility

Real-Time Threat Detection/Prevention

  • Known and Unknown Malware
  • Malware-less Attacks (WMI, PowerShell, VBA)
  • Neutralize Malware
  • Contain Host
  • Signature, Behavior, and Machine Learning (ML) Algorithms

Offline System Data Collection and Analysis

Detect Endpoint’s Vital Sign (endpoint’s health/security state)

Endpoint Agent (“Rover”)

  • One single agent
  • Secured and hardened agent
  • Reduced footprint
  • Total visibility of endpoint’s activities
  • Screenshots and video capture of attackers’ activities
  • Real-time and Dwell-time attack detection
  • Kernel-mode with total visibility
  • Unknown process Sandboxing
  • “Dissolvable” Agents – no installation
  • Ultra-Low CPU and RAM (Less than 1% utilization)
  • Stealthy and very difficult to detect or deactivate

Benefits

  • One Platform with Threat Intelligence, Analytics, Detection, Response, Prevention, and Hunting capabilities – there is no single solution on the market!
  • Significantly increase productivity of Security Analysts.
  • Gain Situational Awareness and quickly make informed decisions.
  • Prevent, detect, and respond to attacks quickly.
  • Investigate threats in online and offline systems – there is no single solution on the market.

Data+Forensic Analytics

ThreatResponder® Data+Forensic Analytics engine combines threat data from millions of covered assets/endpoints, intelligence feeds, threat signatures/indicators, behavior rules, and machine learning algorithms to produce actionable threat intelligence.