INSIDE THE SOLUTION
Advanced Threat Detection
SS8 BreachDetect provides device-centric alerting and powerful network investigation capabilities that accelerate threat detection and reduce or eliminate threat dwell time.
Software Sensor
High-performance, application-aware software sensors deploy easily and passively on the network to generate high-definition records (HDRs) that are stored for analysis
Enrichment
User ID data from a directory store (e.g. Active Directory) combines with reputation data from Webroot® and any other source of threat intelligence to correlate with network history
Recursive Analytics
SS8’s data retention and analytics platform (DRAP) continuously analyzes recorded network history and scores network behaviors tied to specific devices and users
BreachDetect Discovery
Simplified workflows with device-centric alerting and robust visualizations built for the security analyst take the guesswork out of hunting for threats
Above “Advanced Threat Detection” section from: Advanced Threat Detection page
INTERNET COMMUNICATION DISCOVERY KEY COMPONENTS
Key Components
The SS8 IC Discovery solution provides the query and filtering needed to precisely retrieve the order-relevant Internet communication records (ICRs). SS8 has worked extensively with law enforcement and intelligence agency analysts to create ICR-driven workflows and visual analytics tools that make the job of deriving actionable intelligence from ICRs fast and easy.
Sensor + PXE
Deployed on the internal network to record East/West traffic
Analytics
DRAP rewinds network history and pattern of life activity
IC Discovery
IC Discovery interface used to extract pattern of life for SOI
Intellego
Used by law enforcement to analyze pattern of life
Above “Key Components” section from: Internet Communications Discovery page
INSIDER THREAT DETECTION KEY COMPONENTS
Key Components
The SS8 Insider Threat Detection (ITD) solution provides the proactive alerting and investigation workflow needed to precisely identify suspected insiders and track their pattern of life within the network.
Sensor + PXE
Deployed on the internal network to record East/West traffic
Enrichment
User ID collected and correlated via directory store (Active Directory, DHCP)
Analytics
SS8 DRAP engine stores and scores user/device activity over time
ITD Discovery
SS8 ITD discovery interface alerts on flagged users, and enables querying of file transfer activity
INSIDER THREAT DETECTION KEY COMPONENTS
Key Components
The SS8 Insider Threat Detection (ITD) solution provides the proactive alerting and investigation workflow needed to precisely identify suspected insiders and track their pattern of life within the network.

Above “Key Components” section from: Insider Threat Detection page
—I think the first one (4 boxes) was a test Jim was working on?
POWERFUL SIEM INTEGRATION
The powerful integration of SS8 technology with the SIEM provides an excellent discovery application that treats the network as an endpoint, enabling customers to quickly discover the most sophisticated attacks, and investigate breach behavior with pinpoint accuracy—down to specific devices of interest.

Above “Powerful SIEM Integration” section from: Security Interface Enrichment page
—This section needs to be updated. ALL of these sections will be the same across site.

