Superior Monitoring Platform. Expert Analysts & Incident Response. Summarized Monthly Reporting.
The SOC in a Box offering is not your average log collection and monitoring solution offered by competitive providers. The platform offers over 40 detection methods including zero day file sandboxing, machine learning and automation / remediation capabilities.
Below are just some of the features packed into “The Box":
Port scan & IP address sweeping
Brute force login failures (SSH, AD, SQL)
Brute force login success (SSH, AD, SQL) Login location anomaly detection
Web directory scan detection
Malicious user agent detection
Malicious reputation detection
Zero day malware detection
Known malware detection
Lateral malware movement detection Ransomware detection
Known exploit detection (80,000+)
Zero day exploit detection
Process anomaly detection
File creation detection
File modification detection
Command & Control
C&C server reputation (50,000+)
Resolvable DGA detection
Command execution anomaly detection
SQL command line execution detection
Exfilitration & Actions
DNS tunneling detection
Denial of service detection (Syn Flood)
Anomalous outbound traffic detection
Bitcoin mining detection
Geographic anomaly detection
Session duration anomaly detection
Anomalous inbound traffic detection
Abnormal smb traffic detection
Physical Network tapping
Virtual Network tapping
Netflow / IPFIX
Vulnerability Scanning and Management is now available to be added within a single appliance. We provide internal and external vulnerability scanning, risk based reporting and interactive UI.
CyFlare Vulnerability Scanning addresses the core of your security by addressing your weakest points. Vulnerability Scanning is an automated technology that continuously scans your network for known gaps and weaknesses around the clock, alerting you of critical vulnerabilities and providing instructions to lower the risk to your network.
Vulnerability Scanning presents fixes for those security gaps in a format that’s easily managed and fixed by the average IT professional, without requiring a dedicated security expert. By identifying and managing weaknesses in your network, Pulse Vulnerability Scanning helps to prevent security breaches from hackers, ransomware, and other malicious sources.
Vulnerability Scanning works in concert with other defensive solutions, such as firewalls and antivirus, enabling more effective patch management and expediting the remediation process.
The CyFlare appliance provides a true easy button for cyber security.
We watch your network traffic flows, ingest logs and enable compliance.