NETWORK
ANALYTICSMonitors Network Traffic to
Discover and Eliminate ThreatsTHE CHALLENGE
Advanced attackers target the weak spots. Following initial and initial endpoint compromise, the next steps are to expand, gain privileges and access to other resources in your environment to ultimately get to your sensitive data and exfiltrate it to their premises. Prominent part to these attack vectors can be traced only by generated anomalous network traffic.
THE SOLUTION
Cynet Network Analytics continuously monitors network traffic to detect and block otherwise invisible malicious activity.
NETWORK MONITORING: MOVE FROM DETECTION TO ACTIVE PREVENTION
Unlike common network analytic tools that provide only threat detection, Cynet enables security teams to choose between detection mode and proactive prevention.
Raise alert upon detection of malicious activity to be resolved manually using Cynet automated context generation and remediation actions.
Enable Cynet’s built-in preventions or tailor a customized flow utilizing host isolation, traffic block and user disable.
THREAT PROTECTION
Cynet Network Analytics protection spans the wide range of advanced attack stages, utilizing network visibility, behavioral analysis, deterministic modules and threat intelligence.
RECONNAISSANCE
Gathering information on the attacked environments is a prerequisite for efficient malicious expansion and is typically executed by any type of port scanning.
CREDENTIAL THEFT
Gaining user account credentials is a key enabler of lateral movement. To achieve that, attackers exploit networking mechanism weaknesses to extract password hashes from intercepted internal traffic.
LATERAL MOVEMENT
For advanced attackers, the first compromised endpoint is merely a mean, not an end by itself. The attack’s true objective resides on other endpoints or the server. There are numerous vectors to spread across an environment, many of which generate unique network traffic.
DATA EXFILTRATION
The final stage in any attack is to exfiltrate compromised data from the internal environment to the attacker’s premises. A common way to evade perimeter defenses is to disguise the exfiltration as a legitimate protocol such: DNS, HTTPS, etc.
RISKY CONNECTIONS
Active communication with malicious sites includes: malware distribution, phishing and known C2C based on intelligence feeds.
The Cynet 360 Platform
Cynet Monitoring & Control is a native part of Cynet 360, the first Autonomous Breach Protection Platform that utilizes Cynet Sensor Fusion™ to protect the entire environment by delivering the following capabilities: