ThreatWatch®: Finding needles in the haystacks

ThreatWatch® – Behavioral Analysis of Networks, Users & Assets

ThreatWatch® is the next generation of threat management, combining behavioral analytics, advanced security use cases, threat intelligence and situational awareness. The SOD ThreatWatch® behavioral analytics platform detects and analyzes threats by identifying patterns of network, user, and asset behavior that

  • Deviate from normal activity
  • Occur during unusual times of the day or week
  • Interact with sensitive data or systems
  • Communicate with untrusted or suspicious sources
  • Use covert (encrypted) channels

Version 5 ThreatWatch Analytics Platform Enhancements

  • Performance improvements that include a new customer portal
  • Simplified query capability for non-technical casual users while providing advanced query capabilities for power users
  • New Portal Design with a simplified user interface, easier navigation, and fully interactive charts, graphs, and alert drill-downs
  • Log Analysis Tools that allow interactive log analysis & on-the-fly report generation
  • Streamlined new Reports Manager with new report templates, easier scheduling, and improved performance
  • Support for New Advanced Correlation Sources that expands the specialized ability to analyze DNS & Network Flow data
  • Expanded Device & Use Case Support including Office 365, Cisco Umbrella, NAC, WAF, and many other products
  • Enhanced Artificial Intelligence/Machine Learning capabilities that drive threat detection of advanced threats and speed time to detection
  • Threat Intelligence gathering resources from our Threat Recon Unit (TRU), providing advanced threat intelligence capabilities

Correlating User, Network, & Asset Behavior Improves Threat Detection by a Factor of 10

ThreatWatch Advanced Analytics Engine

Network, user and asset behavior tend to be very predictable and pattern-oriented; system users access the same web sites, perform the same business and system functions, and communicate with the same vendors in the same way most of the time. Our approach is based on the concept that user behavior both within and outside of the network is predictable based on previous patterns of behavior.
