FDR Network Threat Analytics

FDR Network Threat Analytics provides dynamic analysis and detection capabilities that enable identification and response to a variety of cyber threats targeting enterprise networks:

  • Breach Detection
  • Exploitation Techniques
  • Intrusion Attempts
  • Malicious Actors
  • Suspicious Behavior

Pricing is based on:

  • Collector Appliance Throughout Rating (Gbps)
  • Number of Collector Appliances
  • Number of Manager Appliances
  • Physical or Virtual Deployment

Request a 30 Day Free Trial

Key features include:

  • High-Performance Network Inspection
    • Monitoring network traffic at throughput speeds from 100 Mbps to 40 Gbps
    • Full session analysis leveraging behavioral and advanced analytical techniques - including Machine Learning (ML) - to identify and respond to anomalous suspicious behavior
  • Turnkey physical and virtual appliance form factors
  • Physical appliances provide excellent data center economics - minimizing data center footprint (via 1U form factor), power, and cooling needs
  • Appliances collectively managed via single pane of glass
  • Ingests data in-motion, data in-use, and data at-rest
  • Complex threat hunting tasks are automated by leveraging intrusion analysis, intrusion detection, incident response, and event triage
  • Alert on malicious network activities, investigate, and perform forensics analysis to determine root cause and then respond using event triage and mitigation
  • Multiple Inspection Techniques
    • Deep File Inspection (DFI) employs detection logic at numerous layers to uncover a wide variety of attack and exploitation techniques
      • Rapidly dissects files to expose evasions and malicious content within embedded logic (macros, scripts, applets), semantic context (spreadsheet cells, presentation words, etc.), and metadata (author, edit time, page count, etc)
      • Full artifact inspection including session-level metadata (web headers), domains, files, hashes, headers, IPs, SSL certificates and URLs
      • Optical Character Recognition (OCR), Computer Vision, and Perception Hashing used to inspect embedded images for presence of malware
    • Machine Learning (ML) incorporates advanced algorithms that leverage supervised classifiers and unsupervised clusters - designed to query vast amounts of data, discover patterns, and generate valuable insights
    • Algorithms are leveraged to identify/pinpoint threats without the use of IOCs
    • Sandbox integrations
    • Multi-scanning technologies
  • Breach Detection and Containment
    • Full visibility of all inbound and outbound enterprise network traffic flow to determine whether a breach has occurred
    • Identifies Command and Control (C2) activity associated with advanced persistent threats (APTs) by performing behavioral analytics and leveraging unique Indicators of Compromise (IoC) acquired and curated by InQuest Labs
    • Detects and/or prevents C2 activity of sophisticated actors and their tradecraft - ultimately reducing the dwell time that can eventually lead to data leakage or exfiltration
  • Emerging Threat Detection
    • Inspection engine utilizes heuristics and signature-based analytical pipelines to identify real-world emerging threats - blocking Zero-Day attacks and N-Day attacks
  • Retrospective Malware Detection
    • Via RetroHunting, files are inspected for latest threats to ensure even the most sophisticated attacks don’t go undetected - even if initially missed
  • Data Loss Prevention
    • Inspection of all file content and context to identify data exfiltration - ensuring sensitive information never leaves your environment
  • IQScore
    • Each file is dissected into an array of artifacts - each artifact is then given an IQ Score
    • Scores are driven by all available intelligence including discrete, heuristic, and ML score contributors
    • Threat receipts show intel sources at-a-glance
    • Signature pairings for "heating" and “cooling" based on latest threat intel
    • Block, alert, investigate recommendations give SecOps clear guidance on enforcement policy
  • Proactive Threat Intelligence
    • Built-in incident response workflow, remediation, and breach containment alleviate investigative workflows for your operators
    • Provides the ability to proactively track and hunt for emerging threats that have targeted your environment
  • RetroHunt Capability
    • SecOps personnel can retrospectively identify the most sophisticated threats to determine which assets have been impacted
  • Invisible to outsiders / attackers
Learn More About Our Appliances Get Pricing
This website stores cookies on your computer. These cookies are used to improve the usability of this website and provide more personalized experience for you, both on this website and through other websites. To find out more, see our Privacy Policy.
Accept