FDR Web Security SaaS

FDR Web Security provides cloud-delivered inline inspection of your web traffic, including all file downloads - guarding end-users from downloading and executing malicious files capable of harvesting account credentials and Personally Identifiable Information (PII), as well as providing runtime protection against web-borne threats lurking in encrypted traffic, including:

  • Zero-Day Attacks
  • N-Day Attacks
  • Command and Control (C2)
  • Advanced Persistent Threats (APTs)

Pricing is based on:

  • Number of ICAP file scans per day (ranging from 2,000 to 100,000)

Key features include

Multiple Inspection Techniques
  • Rapidly dissects files to expose evasions and malicious content within embedded logic (macros, scripts, applets), semantic context (spreadsheet cells, presentation words, etc.), and metadata (author, edit time, page count, etc.)
  • Full artifact inspection including session-level metadata (web headers), domains, files, hashes, headers, IPs, SSL certificates and URLs
  • Optical Character Recognition (OCR), Computer Vision, and Perception Hashing used to inspect embedded images for the presence of malware
  • Machine Learning (ML) incorporates advanced algorithms that leverage supervised classifiers and unsupervised clusters - designed to query vast amounts of data, discover patterns, and generate valuable insights
  • Algorithms are leveraged to identify/pinpoint threats without the use of IOCs
IQScore
  • Each file is dissected into an array of artifacts - each artifact then given an IQ Score
  • Scores are driven by all available intelligence including discrete, heuristic, and ML score contributors
  • Threat receipts show intel sources at-a-glance
  • Signature pairings for "heating" and "cooling" based on latest threat intel
  • Block, alert, investigate recommendations give SecOps clear guidance on enforcement policy
Emerging Threat Detection
  • Inspection engine utilizes heuristics and signature-based analytical pipelines to identify real-world emerging threats - blocking both Zero-Day and N-Day Attacks
Retrospective Malware Detection
  • Via RetroHunting, files are inspected for the latest threats to ensure even the most sophisticated attacks don't go undetected - even if initially missed
Data Loss Prevention
  • Inspection of all file content and context to identify data exfiltration - ensuring sensitive information never leaves your environment
Policy enforcement at scale
  • Capable of rapid file analysis and policy enforcement in even the most complex multi-tenant environments
Proactive Threat Intelligence
  • Built-in incident response workflow, remediation, and breach containment ease the investigative workload on your operators
  • Provides the ability to proactively track and hunt for emerging threats that have targeted your environment
SSL Fingerprinting
  • Hashing of the SSL certificate to identify use/reuse by threat actors
  • SSL certificate extraction which can be used to identify self-signed certs, revoked certs, etc.
  • JA3/JA3S TLS fingerprinting which aids in tracking down malware and C2
Invisible to outsiders / attackers
Deploys organization-wide in less than an hour