SEC.ONE Threat Hunting
10+
Downloads
Everyone
info
About this app
SEC.ONE Threat Hunting application is a SaaS solution providing security visibility and management for small to medium size companies.
It requires Netflow to be configured on switches, access points, routers, firewalls and sent to SaaS Cloud. Solution tracks the traffic flows within company and raise the alarms in case communication with public IP address with bad reputation is detected (typically associated with malware, phishing, spam or other threats). Also WebProxy logs (Syslogs) can be sent to track the reputation of browsed domains.
Customer reviews the alarms and verify the findings. Add IP addresses or domains to whitelists (will not pop-up as the alarm anymore) or blacklists (will always trigger the alarm). Also changes the status of alarms.
System is also proposing to focus first on critical alarms selected by our algorithms based on innovation Impact Detection Engine. Additionally "top3 alarms weekly" feature provides the access to the most severe critical alarms reviewed and selected manually by our investigators.
Finally customer can ask for the help with the investigations for specific alarms. Dedicated Security Operations Center (SOC) team will help to understand the impact and possible remediation.
No VMs, no containers, no collectors, no servers required. It's 100% SaaS service with onboarding taking 5 minutes. Monthly subscription, can cancel anytime. Demo and Freemium plan without any costs.
It requires Netflow to be configured on switches, access points, routers, firewalls and sent to SaaS Cloud. Solution tracks the traffic flows within company and raise the alarms in case communication with public IP address with bad reputation is detected (typically associated with malware, phishing, spam or other threats). Also WebProxy logs (Syslogs) can be sent to track the reputation of browsed domains.
Customer reviews the alarms and verify the findings. Add IP addresses or domains to whitelists (will not pop-up as the alarm anymore) or blacklists (will always trigger the alarm). Also changes the status of alarms.
System is also proposing to focus first on critical alarms selected by our algorithms based on innovation Impact Detection Engine. Additionally "top3 alarms weekly" feature provides the access to the most severe critical alarms reviewed and selected manually by our investigators.
Finally customer can ask for the help with the investigations for specific alarms. Dedicated Security Operations Center (SOC) team will help to understand the impact and possible remediation.
No VMs, no containers, no collectors, no servers required. It's 100% SaaS service with onboarding taking 5 minutes. Monthly subscription, can cancel anytime. Demo and Freemium plan without any costs.
Updated on
Safety starts with understanding how developers collect and share your data. Data privacy and security practices may vary based on your use, region and age The developer provided this information and may update it over time.
No data shared with third parties
Learn more about how developers declare sharing
No data collected
Learn more about how developers declare collection
What's new
new Target API level (33) for application