breach detection, network visibility and vulnerability management for small and medium sized organizations to quickly detect potential vulnerabilities and active breaches, automatically respond to threats
Cybowall - breach detection, network visibility and vulnerability management for small and medium sized organizations to quickly detect potential vulnerabilities and active breaches, automatically respond to threats as they are discovered, manage and report on compliance (GDPR, PCI-DSS, ISO etc.) and record and analyze all events and incidents within the network for further investigation.
Quickly Detect Potential Vulnerabilities and Active Breaches
The Cybowall solution collects and analyzes information on both endpoint and network events, reducing risks to organizations by allowing full network visibility. With a Sensor that sits out of line and takes a copy of all network and internal traffic via TAP/Port Mirroring, Cybowall functions as an Intrusion Detection System (IDS) at the network level, without causing interference.
The solution utilizes an Agentless Scan that leverages technologies including WMI to collect detailed forensic data and correlate it with known Indicators of Compromise (IOC). Cybowall mines IOC data such as CVE, file hash, DNS, URL, hostnames, IP addresses, domains, URI and file paths to monitor business assets and conduct vulnerability assessments for patch deployment prioritization.
Automatically Respond to Threats as Discovered
Cybowall’s asset mapping functionality provides a continuously updated list of all endpoints, including port profiles and activities. Connected directly to the network’s core switch via SNMP, and leveraging WMI, Cybowall enables effective, policy-based automated responses according to assigned activity/risk factor scores to contain real time attacks.
Automated responses include endpoint quarantine, port shutdown and stopping a suspicious application/process on an individual endpoint; all of which are possible without System Administrator/CISO/SOC intervention to enhance an organization’s security without adding complexity.
Record and Analyze all Events and Incidents for Further Investigation
Incorporating Security Information and Event Management (SIEM) capabilities, Cybowall facilitates log management, event management, event correlation and reporting to help identify policy violations and enable response procedures. The Cybowall integrated solution helps organizations to manage and report on compliance, including PCI-DSS, HIPAA, HITECH, GDPR, ISO etc. and provides a complete audit trail.
Network Trap decoy technology enables insight into lateral movement between endpoints and detects threats originating within the network by serving as a trip wire for active attacks, and provides material for in-depth examination during and after network trap use.