Prelert Solutions: IT Security Analytics

Early Detection of Advanced Threats

Threat intelligence and signature-based defenses are proving ineffective at stopping today's advanced cyber criminals. If your organization is a likely target, you should be operating on the assumption that you have already been hacked.

But even the most advanced criminals leave fingerprints in the form of unusual software connecting to networks, anomalous access, and abnormal data traffic patterns. The problem is that it is not possible to invest the time needed to find these activities using traditional rule- or signature-based approaches.

Prelert behavioral analytics offers a new way forward. Machine learning algorithms automatically determine normal behavior patterns for hundreds of thousands of data points. Automated anomaly detection provides early detection of the suspicious behavior patterns that security analysts need to know about. Forensic analysis times are slashed. And the result is you see threats as they develop and stop them dead in their tracks.

Use Cases
  • Detect DNS Data Exfiltration (Tunneling) in DNS Query Requests
  • Detect Suspicious Network Activity (App-Port) in Firewall Logs
  • Detect Suspicious Login Activity in Endpoint Detection and Response Logs

Prelert in Action: IT Security Analytics Solution Stories

Detect Rogue Users By Analyzing Netstat Data
  • Scan your entire network in real-time for any host making network connections with new or unusual software
  • Drill down to the forensic details you need to make fast decisions
  • Resolve threats before data exfiltration begins

Identify Attacking IPs By Analyzing Web Server Logs
  • Spot outliers from normal behaviors along multiple dimensions like source, destination, time of day, and data transmission rates
  • Find the unusual authorized access patterns that could indicate intrusion attempts
  • Get the evidence you need in near real time

Find Important IDS Events By Analyzing IDS Logs
  • Stop letting attackers mask their activity in the noise of your IDS/IPS alerts
  • Turn thousands of high severity alerts a day into a dozen important notifications a week
  • Get near real-time notification of developing attacks

Identify Attacking IPs By Analyzing iptables Firewall Logs
  • See how we handled a Honeynet Project firewall log analysis challenge
  • In minutes, we flagged unusual port scan and connection attempts without rules or signatures

Identify Data Exfiltration By Analyzing NetFlow Logs
  • You can't hide from NetFlow - changes to normal can signal a compromised host
  • Flag any deviations over time - no matter how small or large the data set
  • Detect the earliest signs of a threat


FREE WHITEPAPER

Why All IT Security Professionals Should Be Using Anomaly Detection Software

Automate data analysis, eliminate manual effort, and reduce human error.
