Cyber Security

Cyber-Security Intelligence

The signs are there if you know how and where to look

The Challenge

Protecting critical business and personal data has become the number one priority for employees tasked with managing an organisation’s IT infrastructure. With the arrival of the General Data Protection Regulation (GDPR), due to come into force for European institutions in 2018 on top of the existing global compliance standards governing card payments, healthcare records and financial transactions, that task is due to get a whole lot harder.

Deploying firewalls and deep packet inspection technologies to monitor network traffic, combined with the latest anti-virus software running on end-point devices, can go a long way towards preventing hackers from gaining access to the business-critical servers containing valuable customer data or intellectual property. But with savvy hackers continually developing new attack vectors designed to exploit vulnerabilities in the systems, it is inevitable that breaches will occur at some point, if they haven’t already.

The challenge for CISOs and network managers is how to take security to the next level needed to meet the latest compliance standards, typically with finite resources and an already overloaded work schedule.

The Solution

In most cases the evidence already exists in the huge volumes of log files generated by the myriad traffic sensors deployed across the network. The question is how to approach such a daunting task and extract the meaningful and actionable intelligence hidden in the terabytes of unstructured log data generated through everyday operations.

While hacking is getting relentlessly more sophisticated, the tell-tale signs of an APT attack, hidden malware or incidence of compromise are hard to completely disguise. Xanadata’s powerful Typhon Accelerated Threat Detection platform uses custom silicon with massive parallel processing power capable of simultaneously scanning terabytes of log data against thousands of threat signatures. In a matter of just a few hours, Typhon will pinpoint existing and potential security breaches that have evaded the network defences. With the addition of Xanadata’s AI and machine learning techniques generating augmented intelligence in a unique 3D visualisation format, Typhon is able to pattern match user behaviours to accurately predict the next attack and prevent it from occurring.

Typhon can be delivered as a bespoke mobile platform for on-site consultancy projects or as a standard rack-mount appliance for permanent, real-time threat monitoring.

Data Sources

Log files: firewalls, IDS/IPS/UTM, switches and intelligent routers

Use Cases

• Accelerated Threat Detection
• Real-time Threat Monitoring
• Zero Day Detection
• Forensic Incident Analysis
• User Behaviour Anomaly Detection

Business Impact

• Accelerated threat detection
• Breach prevention or impact reduction
• Enhanced threat response and forensic investigation
• Reduced probability of financial, non-compliance penalties

Supported Compliance Standards

• GDPR
• PCI DSS
• SOX
• HIPAA
