Network Behaviour Analyzer
- Analyze North/South and East/West network traffic in real time to detect Lateral Movement (including office and IoT devices)
- AI modeling of normal traffic to highlight abnormal traffic (e.g. attacks via DNS and IPSec tunnels)
- Support manual rules to alert on unauthorized network traffic between subnets
- Auto response with playbooks integrating with supported EDR, Firewall and IAG (by SOAR module)
- UEBA baseline to protect Server/Database access (e.g. slow brute force, a query to an unregistered table in a DB instance)
- Dashboard provides Asset View and Timeline View for risk attack
- Support per-event whitelisting by IP or user to reduce false positives effectively; custom IoC rules