Advanced Threat Detection

Security for professionals

GREYCORTEX designed our MENDEL network traffic analysis solution to provide security for professionals. This means MENDEL combines advanced analytical detection techniques with signature-based detection, threat intelligence data, and correlation analysis to detect threats quickly and accurately, so you can defend the network.

MENDEL detects threats using:

• Six types of advanced analytical methods focused on catching the full spectrum of advanced unknown threats
• Signature-based detection with over 45,000 signatures updated every four hours
• GeoIP data, 100,000+ blacklisted IPs, etc.
• Disparate events are correlated to precisely determine their severity

Signatures for faster response

MENDEL is designed to be used by security professionals. This means it uses not only network traffic analysis for unknown threats, but signature-based detection to quickly show the security team that a specific known threat, policy violation, application, etc. has been identified. This shortens response time on the part of the analyst, and creates a more secure network environment. MENDEL provides over 50,000 signatures of known threats, which are automatically updated six times per day, so the security team will always have the most current signatures. MENDEL also includes robust threat intelligence data, as well as GeoIP data to further improve analysis and identification of anomalous events.

Advanced analytical detection

MENDEL uses network traffic analysis, with a focus on advanced machine learning to detect unknown threats like zero-day attacks, APTs, malware spreading, and more, without the need for signatures. By mirroring network traffic at the core switch, MENDEL is able to identify anomalous communications across the entire network. MENDEL then applies six different types of analytical methods to detect potentially malicious activities by the traces they leave as they interact through the network - even those which can evade tools which focus on a specific location or type of traffic in the network. This means MENDEL easily detects advanced threats before they can do damage.

Correlation detects distributed threats

Attackers don't always take the clearest path to access a target network. Sometimes events which seem minor can be part of a larger attack. In addition to advanced analytical detection and signatures of known threats, MENDEL adds event correlation, which brings together seemingly minor events which would be missed on their own, but which together form the components of a serious attack. For example, malware spreading throughout the network might use a combination of events like use of Tor, certain exploits, and scanning behavior. MENDEL identifies these combined events as the very serious event they are. This correlation means that MENDEL is even more effective in detecting attacks against the network.
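
The correlation idea above, shown as an added example (not GREYCORTEX code and not MENDEL's actual logic): minor events from one host are escalated only when Tor use, scanning and an exploit attempt all occur inside one time window. The category names, the 30-minute window, the rule and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not product output): each is minor on its own.
EVENTS = [
    ("2024-05-01T10:00:00", "10.0.0.5", "tor_connection"),
    ("2024-05-01T10:04:00", "10.0.0.5", "port_scan"),
    ("2024-05-01T10:09:00", "10.0.0.5", "exploit_attempt"),
    ("2024-05-01T10:02:00", "10.0.0.8", "port_scan"),
    ("2024-05-01T10:03:00", "10.0.0.8", "port_scan"),
    ("2024-05-01T08:00:00", "10.0.0.9", "tor_connection"),
    ("2024-05-01T11:00:00", "10.0.0.9", "port_scan"),
    ("2024-05-01T14:00:00", "10.0.0.9", "exploit_attempt"),
]

# Hypothetical rule: these categories together suggest spreading malware.
RULE = {"tor_connection", "port_scan", "exploit_attempt"}
WINDOW = timedelta(minutes=30)

def correlate(events, rule=RULE, window=WINDOW):
    """Return {host: severity}; a host is 'high' only if every category in
    the rule is seen from it inside one sliding time window."""
    by_host = defaultdict(list)
    for ts, host, category in events:
        if category in rule:
            by_host[host].append((datetime.fromisoformat(ts), category))
    result = {}
    for host, items in by_host.items():
        items.sort()
        result[host] = "low"
        start = 0
        for end in range(len(items)):
            # Shrink the window from the left until it spans <= `window`.
            while items[end][0] - items[start][0] > window:
                start += 1
            seen = {cat for _, cat in items[start:end + 1]}
            if seen == rule:
                result[host] = "high"
                break
    return result

if __name__ == "__main__":
    for host, severity in sorted(correlate(EVENTS).items()):
        print(host, severity)
```

Host 10.0.0.9 shows the same three categories as 10.0.0.5 but spread over six hours, so it stays low; repeated scans alone (10.0.0.8) do not escalate either.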
