FDR Web Security SaaS

FDR Web Security provides cloud-delivered inline inspection of your web traffic including all file downloads - guarding end-users from downloading and executing malicious files capable of harvesting account credentials and Personal Identifiable Information (PII), as well as providing runtime protection against web-borne threats lurking in encrypted traffic, including:

  • Zero-Day Attacks
  • N-Day Attacks
  • Command and Control (C2)
  • Advanced Persistent Threats (APTs)

Pricing is based on:

  • Number of ICAP file scans per days (ranging from 2,000 to 100,000)

Key features include:

  • Multiple Inspection Techniques
    • Rapidly dissects files to expose evasions and malicious content within embedded logic (macros, scripts, applets), semantic context (spreadsheet cells, presentation words, etc.), and metadata (author, edit time, page count, etc)
    • Full artifact inspection including session-level metadata (web headers), domains, files, hashes, headers, IPs, SSL certificates and URLs
    • Optical Character Recognition (OCR), Computer Vision, and Perception Hashing used to inspect embedded images for presence of malware
    • Machine Learning (ML) incorporates advanced algorithms that leverage supervised classifiers and unsupervised clusters - designed to query vast amounts of data, discover patterns, and generate valuable insights
    • Algorithms are leveraged to identify/pinpoint threats without the use of IOCs
  • Emerging Threat Detection
    • Inspection engine utilizes heuristics and signature-based analytical pipelines to identify real-world emerging threats - blocking both Zero-Day and N-Day Attacks
  • Retrospective Malware Detection
    • Via RetroHunting files are inspected for latest threats to ensure even the most sophisticated attacks don’t go undetected - even if initially missed
  • Data Loss Prevention
    • Inspection of all file content and context to identify data exfiltration - ensuring sensitive information never leaves your environment
  • Policy enforcement at scale
    • Capable of rapid file analysis and policy enforcement in even the most complex multi-tenant environments
  • IQScore
    • Each file is dissected into an array of artifacts - each artifact then given an IQ Score
    • Scores are driven by all available intelligence including discrete, heuristic, and ML score contributors
    • Threat receipts show intel sources at-a-glance
    • Signature pairings for "heating" and “cooling" based on latest threat intel
    • Block, alert, investigate recommendations give SecOps clear guidance on enforcement policy
  • Proactive Threat Intelligence
    • Built-in incident response workflow, remediation, and breach containment alleviate investigative workflows for your operators
    • Provides the ability to proactively track and hunt for emerging threats that have targeted your environment
  • SSL Fingerprinting
    • Hashing of the SSL certificate to identify use/reuse by threat actors
    • SSL certificate extraction which can be used to identify self-signed certs, revoked certs, etc.
    • JA3/JA3S TLS fingerprinting which aids in tracking down malware and C2
  • Invisible to outsiders / attackers
  • Deploys organization-wide in less than an hour