USER BEHAVIOR ANALYTICS
Trusted by organizations to secure their Windows server infrastructure against threats from rogue insiders, compromised accounts and external threats.
Malicious Logins
Receive notification if a critical server is accessed during unusual hours, or when there’s been an unusual number of login failures.
Malware
Receive notification when there is an unusual process running on a machine.
Detect, investigate, and mitigate threats like malicious logins, lateral movement, privilege abuse, data breaches, and malware.
Applying machine learning and statistical analytics creates a baseline of normal behavior specific to each user and alerts about deviations from this norm, a task that is impossible for security professionals to perform manually.
Raise an alert upon detection of malicious activity, to be resolved manually using Cynet automated context generation and remediation actions.
Enable Cynet’s built-in preventions or tailor a customized flow utilizing host isolation, traffic block and user disable.
THREAT PROTECTION
CYB3R-X Network Analytics protection spans the wide range of advanced attack stages, utilizing network visibility, behavioral analysis, deterministic modules and threat intelligence.
RECONNAISSANCE
Gathering information on the attacked environment is a prerequisite for efficient malicious expansion and is typically carried out through some type of port scanning.
CREDENTIAL THEFT
Gaining user account credentials is a key enabler of lateral movement. To achieve that, attackers exploit networking mechanism weaknesses to extract password hashes from intercepted internal traffic.
LATERAL MOVEMENT
For advanced attackers, the first compromised endpoint is merely a means, not an end in itself. The attack’s true objective resides on other endpoints or the server. There are numerous vectors to spread across an environment, many of which generate unique network traffic.
DATA EXFILTRATION
The final stage in any attack is to exfiltrate compromised data from the internal environment to the attacker’s premises. A common way to evade perimeter defenses is to disguise the exfiltration as a legitimate protocol such as DNS, HTTPS, etc.
RISKY CONNECTIONS
Active communication with malicious sites includes malware distribution, phishing and known C2C, based on intelligence feeds.
The Cynet 360 Platform
Cynet Monitoring & Control is a native part of Cynet 360, the first Autonomous Breach Protection Platform that utilizes Cynet Sensor Fusion™ to protect the entire environment by delivering the following capabilities: