SEC.ONE Threat Hunting
10+
Downloads
Jedes Alter
info
Über diese App
SEC.ONE Threat Hunting application is a SaaS solution providing security visibility and management for small to medium size companies.
It requires Netflow to be configured on switches, access points, routers, firewalls and sent to SaaS Cloud. Solution tracks the traffic flows within company and raise the alarms in case communication with public IP address with bad reputation is detected (typically associated with malware, phishing, spam or other threats). Also WebProxy logs (Syslogs) can be sent to track the reputation of browsed domains.
Customer reviews the alarms and verify the findings. Add IP addresses or domains to whitelists (will not pop-up as the alarm anymore) or blacklists (will always trigger the alarm). Also changes the status of alarms.
System is also proposing to focus first on critical alarms selected by our algorithms based on innovation Impact Detection Engine. Additionally "top3 alarms weekly" feature provides the access to the most severe critical alarms reviewed and selected manually by our investigators.
Finally customer can ask for the help with the investigations for specific alarms. Dedicated Security Operations Center (SOC) team will help to understand the impact and possible remediation.
No VMs, no containers, no collectors, no servers required. It's 100% SaaS service with onboarding taking 5 minutes. Monthly subscription, can cancel anytime. Demo and Freemium plan without any costs.
It requires Netflow to be configured on switches, access points, routers, firewalls and sent to SaaS Cloud. Solution tracks the traffic flows within company and raise the alarms in case communication with public IP address with bad reputation is detected (typically associated with malware, phishing, spam or other threats). Also WebProxy logs (Syslogs) can be sent to track the reputation of browsed domains.
Customer reviews the alarms and verify the findings. Add IP addresses or domains to whitelists (will not pop-up as the alarm anymore) or blacklists (will always trigger the alarm). Also changes the status of alarms.
System is also proposing to focus first on critical alarms selected by our algorithms based on innovation Impact Detection Engine. Additionally "top3 alarms weekly" feature provides the access to the most severe critical alarms reviewed and selected manually by our investigators.
Finally customer can ask for the help with the investigations for specific alarms. Dedicated Security Operations Center (SOC) team will help to understand the impact and possible remediation.
No VMs, no containers, no collectors, no servers required. It's 100% SaaS service with onboarding taking 5 minutes. Monthly subscription, can cancel anytime. Demo and Freemium plan without any costs.
Aktualisiert am
Was die Sicherheit angeht, solltest du als Erstes verstehen, wie Entwickler deine Daten erheben und weitergeben. Die Datenschutz- und Sicherheitspraktiken können je nach deiner Verwendung, deiner Region und deinem Alter variieren. Diese Informationen wurden vom Entwickler zur Verfügung gestellt und können jederzeit von ihm geändert werden.
Keine Daten werden mit Drittunternehmen oder -organisationen geteilt
Keine Daten erhoben
Neuigkeiten
new Target API level (33) for application