The current threat landscape is evolving and maturing, and recent accidents show a growing international alarm regarding information security. Right now, many organizations reply to these growing concerns, often adopting solutions with no satisfying results.
Energent provides InfoSync solution, focused on the recognition and identification of new forms of threats, attacks and computer fraud.
InfoSync detects rather than well-known threats, is able, thanks to an infrastructure cyber security intelligence able to collect, normalize, extract the characteristic and representative data (meta data) session traffic, to enrich ("data fusion") the said data by creating specific relationships between the different classes of information collected, stored over time and in different dimensions (asset, threat, vulnerability, protocol, accidents, regulatory, risk, compliance, etc ...).
The smart engine (security content collaboration engine), enable activities:
• Search for information, relying on a system of "behavioral-based defense", inherent fraud and attack scenarios, to prevent and trying to recognize them, extracting every detail about events during and / or following its recognition;
• Apply stored algorithms for:
calculation of safety indicators;
• risk analysis and compliance compared to the baseline security organization.
• Provide the ability to build applications and interfacing functionality through APIs, data mart and data warehouse system for business intelligence.
InfoSync implements security intelligence services, like "big data" mode, starting from a set of typical sources of information, you can:
• services that allows recursive investigations, starting from a set of extracted information to initiate new queries aimed at enriching the results subordinated to the search criteria to isolate samples of the most representative and information of interest to the investigation
• vertical applications using the data stored in different subject area (representing a grouping of topics for one or more dimensions: a) asset: services, IP, ports, configuration, software, b) threat: malware, DDoS, ..., c ) vulnerability: CPE, CRE, CCE, CVE, CVSS, Potential, really tested,. ... d) event, e) incident. ...), allowing you to extract and highlight a crucial perspective for intelligence activities: Pattern Detection, Risk, Policy Compliance, etc ...
• Service reporting..