
AccessData CIRT®


CIRT Overcomes these Weaknesses

CIRT is the first and only product to integrate network forensics, host forensics, malware analysis and large-scale data auditing. It gives you visibility into all of this critical information through a single pane of glass, and unlike other products it actually provides enterprise-class remediation capabilities. So not only are you able to figure out what’s happening on your network faster, you’re actually able to do something about it faster.

What Can You Do with Cyber Intelligence & Response Technology?

  • Detect Unknown Threats and Data Leakage
  • Continuous Monitoring
  • Auto-respond to Third-Party Alerts
  • PCI Compliance
  • Multi-team Collaboration and Real-Time Incident Management
  • Malware Disassembly Analysis – No Sandbox Required
  • Gather Cyber Intelligence
  • Root Cause Analysis
  • Remediate

PROACTIVE COMPROMISE ASSESSMENT TO DETECT EXTERNAL AND INTERNAL THREATS

  • Scan tens of thousands of computers and network shares to identify suspicious binaries or data leakage without having to rely on signature-based tools and alerting systems.
    • Scan for known malware using your existing threat intelligence.
    • Audit for data spillage, using a broad variety of search criteria.
    • Identify previously unknown malware using built-in threat scoring and malware analysis.
    • Get the same robust analysis capabilities as FTK.
  • Advanced volatile data/memory analysis.
    • Static RAM analysis from an image or against a live system.
    • Enumerate all running processes, including those hidden by rootkits, and display associated DLLs, network sockets and handles in context.
    • Dump a process and associated DLLs for further analysis in third-party tools.
    • Memory string search allows you to identify hits in memory and automatically map them back to a given process, DLL or piece of unallocated space and dump the corresponding item.
    • Perform VAD tree analysis, expose registry artifacts in memory, and parse and display handle information from memory.
  • Correlate host data with network traffic.
    • Real-time network traffic visualization allows you to detect anomalous behavior.
    • Build integrated maps of assets and users.
    • Monitor for known threats and receive email alerts.
    • Once anomalous behavior has been detected or an alert received, immediately drill into all suspect nodes for host analysis.

REACTIVE IMPACT ASSESSMENT AND ROOT CAUSE ANALYSIS

CIRT gives you the visibility you need to detect and respond to an incident without sifting through and manually correlating event logs. If you suspect a compromise or need to validate an alert from another tool, such as IDS or DLP, you can easily scan all suspect nodes to expose malicious binaries, data leakage or unauthorized access.

  • Learn the behavior and intent of suspicious binaries in seconds.
  • Forensically analyze hosts to determine the delivery mechanism of an exploit, whether it's email, removable media, a website, hacking or a rogue employee.
  • Search hosts for confidential or classified data.
  • Build a threat profile and scan the enterprise against it to identify all compromised nodes.
  • Correlate host data with forensic network data to see proliferation, external domains being called and more.
    • Build “integrated maps” of certain assets or users.
    • Play back incidents in real time.
    • Independent of keyword or linguistic matching, you can determine how proprietary or inappropriate information proliferated from code servers, HR or financial databases, R&D labs and others.
    • Directly visualize audit logs and alerts, and correlate actual network traffic to provide a complete picture of activity around the time a suspicious event occurred.

 



© 2013 complexbiz. All rights reserved. The information and graphics on this site come from the manufacturers.