Security today is about searching for and finding attacks faster. Not waiting until the obvious signs are there. Security, as a general rule, is reactive. You’re under attack, you stop the attack. But threats have changed. Today’s attackers have upped their game creating and using attacks that are likely to go undetected by conventional devices. Pravail Security Analytics is a disruptive approach to It uses big data technologies that allow you to cost effectively collect and store all the traffic entering and leaving you network. With Pravail Security Analytics you can mine through massive amounts of data to hunt out those attacks that put your business integrity at risk. See attacks or other malicious behaviors in real time, pause and rewind network data to investigate events further, view attacks and attackers from different perspectives, identify zero day attacks and pinpoint data exfiltration. You can also perform forensic analysis to determine the effectiveness of current security controls, tighten protection and support various compliance requirements.
Features & Benefits
REAL TIME ATTACK DETECTION
When an attack has compromised your perimeter, quickly identifying it before it can do any damage is important. The Pravail Security Analytics appliances can capture an analyze traffic in real time. This means your security team can constantly monitor critical assets and immediately identify malicious activity.
VISUAL, COMPREHENSIVE ANALYSIS FOR ATTACK TIMELINES
Advanced threats are often comprised of multiple types of threats. In many cases, once an attacker gets a foothold into the network they will launch additional attacks to escalate privileges and/or access other system. The Pravail Security Analytics platform leverages full packet captures to analyze beyond individual threats and instead create a detailed timeline of when the compromise first occurred, what communications occurred and what other systems were impacted.
PLAY, PAUSE & REWIND YOUR DATA
Effective analysis requires interaction with your data. Pravail Security Analytics gives you the tools to interact with your data like never before. Powerful visualizations display data from multiple perspectives (attacker, target, location or attack type) enabling security analysts to quickly compare attack statistics from different periods or locations, over years or terabytes of traffic.
REANALYZE OLD DATA WITH NEW INTELLIGENCE
Determining initial compromise can be critical during attack investigations. The Pravail Security Analytics platform relies on a process called looping to identify previously undetected attacks. New security intelligence information is run against stored packet captures to determine if an attack compromised the system at an earlier date.
GLOBAL ATTACK INTELLIGENCE, LOCAL PROTECTION
The threat intelligence that keeps Pravail Security Analytics at the cutting edge of network security comes from data derived from Arbor’s ATLAS® (Active Threat Level Analysis System). Using this system, Arbor monitors Internet traffic to detect new threats that are targeting the enterprise. This data is analyzed by security experts within Arbor’s Security Engineering & Response Team (ASERT) and developed into effective analytics or detection methodologies.
RAPID DEPLOYMENT, IN THE CLOUD OR ON-PREMISE
Pravail Security Analytics uses Big Data technologies that lower the barrier to entry for organizations looking to deploy and operate world-class security analytics. An organization can securely upload packet captures to Pravail Security Analytics in the Cloud and be analyzing their data within minutes of a threat being identified. For organizations that cannot upload their packet captures to the Cloud for security or practical reason, Pravail Security Analytics can also be deployed as an on-premise solution.
"Pravail Security Analytics has broken new ground in security analytics functionality. The ability to replay captured traffic (looping) through an updated engine provides retroactive forensics that takes advantage of new intelligence as it becomes available. That, and the enhanced graphical data mining capability sets Arbor's Pravail Security Analytics apart."