Effective security requires searching for and finding attacks faster – not waiting and reacting after a significant breach is discovered. Pravail Security Analytics captures and analyzes terabytes of network traffic data – in real time – so security teams can instantly identify attack activities that indicate the system has been compromised and take steps to remediate.
Features & Benefits
REAL TIME ATTACK DETECTION
When an attack has compromised your perimeter, quickly identifying it before it can do any damage is important. The Pravail Security Analytics appliances can capture and analyze traffic in real time. This means your security team can constantly monitor critical assets and immediately identify malicious activity.
COMPREHENSIVE ANALYSIS FOR ATTACK TIMELINES
Advanced threats are often comprised of multiple types of threats. In many cases, once an attacker gets a foothold in the network, they will launch additional attacks to escalate privileges and/or access other systems. The Pravail Security Analytics platform leverages full packet captures to analyze beyond individual threats and instead create a detailed timeline of when the compromise first occurred, what communications occurred and what other systems were impacted.
POWERFUL VISUALIZATIONS AND INTERACTIONS
Effective analysis requires ongoing interaction with your data. Pravail Security Analytics gives you the tools to interact with your data like never before. First, powerful visualizations display data from multiple perspectives (attacker, target, location or attack type) enabling security analysts to quickly compare attack statistics from different periods or locations, over years or terabytes of traffic. Second, you can play, pause and rewind data to easily investigate threats and build attack timelines.
REANALYZE OLD DATA WITH NEW INTELLIGENCE
Determining initial compromise can be critical during attack investigations. The Pravail Security Analytics platform relies on a process called looping to identify previously undetected attacks. New security intelligence information is run against stored packet captures to determine if an attack compromised the system at an earlier date.
GLOBAL ATTACK INTELLIGENCE, LOCAL PROTECTION
The threat intelligence that keeps Pravail Security Analytics at the cutting edge of network security comes from data derived from Arbor’s ATLAS® (Active Threat Level Analysis System). Using this system, Arbor monitors Internet traffic to detect new threats that are targeting the enterprise. This data is analyzed by security experts within Arbor’s Security Engineering & Response Team (ASERT) and developed into effective analytics or detection methodologies.
RAPID DEPLOYMENT, IN THE CLOUD OR ON-PREMISE
Pravail Security Analytics uses Big Data technologies that lower the barrier to entry for organizations looking to deploy and operate world-class security analytics. An organization can securely upload packet captures to Pravail Security Analytics in the Cloud and be analyzing their data within minutes of a threat being identified. Pravail Security Analytics can also be deployed completely on premise for real time capture and analysis.
"Pravail Security Analytics has broken new ground in security analytics functionality. The ability to replay captured traffic (looping) through an updated engine provides retroactive forensics that takes advantage of new intelligence as it becomes available. That, and the enhanced graphical data mining capability sets Arbor's Pravail Security Analytics apart."