Extracts all files from email, web and file transfer traffic to detect cyber threats from malware/exploits as well as intentional/unintentional movement of sensitive files/DLP
Supports SOC/CIRTs by processing all file traffic, pre-execution: inbound, outbound and across the network to enable deep analysis by TitaniumCore Automated Static Analysis
With TitaniumCore and the TitaniumCore Enterprise Platform (TCEP), enables elastic scale to process the most demanding workloads across Linux and Windows platforms
Enables uncovering and delivering the most accurate and up-to-date threat intelligence for remediation as well as tuning of network defense rules engines in deployed security solutions
Unmonitored file flows within an IT infrastructure represent an enormous security blind spot and vulnerability. Industry experts report that less than a third of breaches are discovered by the targeted organization. By any measure, this is a dismal record. Conventional, first-generation anti-virus scanners, intrusion detection systems and firewalls are implemented universally, yet breaches have become more frequent. Second-generation products "detonate" files in a sandbox to observe their behavior. Although these products improve on the status quo, they can't process every transmitted file and are often circumvented by advanced malware using obfuscation and other techniques. A new solution is needed.
The ReversingLabs N1000 Network File Flow Analysis appliance provides a new solution that fills the gaps in existing solutions and goes beyond them by extracting all files from email, web and file transfer traffic. This is done not only for traffic inbound to the organization but also for outbound and lateral (internal) traffic, to detect cyber threats from malware/exploits as well as unintentional movement of sensitive files/DLP.
Advanced threats are detected with ReversingLabs' unique Active File Decomposition and ReversingLabs Hashing Algorithm (RHA) Functional Similarity Analysis technologies.