SignalSense Cyber Intelligence 2017-05-18T13:56:20+00:00

The Future of Security – Cyber Intelligence Inside

Our Cyber Intelligence solution evaluates network traffic to generate indispensable security intelligence about threats occurring inside the network.

The Future of Security - Internal Cyber Intelligence

Current World

Companies are forced to rely heavily on humans to respond to the volume, velocity and complexity of security alerts. Cyber Intelligence from network traffic is largely absent.

Current Situation

The ability to digitize our lives has outpaced our ability to stay safe. One of the biggest challenges is to understand the volume, velocity and complexity of threatening activity inside the network. We call this Cyber Intelligence. Today this requires legions of security experts who evaluate huge volumes of alerts and remediate attacks. Detection and response can take months: 200 days on average. If we are to improve time to detect and respond, we must ask ourselves, “What are we going to do differently?”

Security with SignalSense

The SignalSense Cyber Intelligence solution is enabling a new level of productivity and responsiveness from enterprise security teams. We offer unique patent-pending technologies that discover, prioritize and explain security threats inside enterprise networks.

Unified Human Knowledge and Machine Intelligence

One of the primary objectives of any cyber security strategy must be to enable SecOps to move faster. Today, we rely too heavily on security experts because they have knowledge about security that detection systems don’t. This is changing.

SignalSense has developed a framework for unifying human knowledge and machine intelligence for security detection. In effect, we embed the knowledge and thought process of a security expert into our product. The result is a solution that dramatically enhances the ability to identify, predict and respond to threats with far less human analysis.

What Makes SignalSense Different?

Our mission is to make Cyber Intelligence practical and effective for businesses of any size. In this pursuit SignalSense has developed innovative and indispensable technologies to quickly and precisely identify and even predict security threats that exist inside enterprise networks.

Unified Human and Machine Intelligence

Sharable framework for applying human intelligence to detection

Crucial for Workload Reduction

Cyber security depends on humans because they know things about security and your network that machines don’t. What you need is a solution that unifies human knowledge with the power and scale of machine intelligence. SignalSense has created a shareable framework (patent pending) to make this possible, practical and effective at enterprise scale.

The result is peace of mind and a reduction of workload not possible until now.

Virtual Attack Surface ™

Safely test live attacks against your network traffic

Unrivaled Proof of Detection Capability

SignalSense’s patent-pending Virtual Attack Surface evaluates attack activity in our virtual test range as if it happened inside your network, eliminating the risk inherent in allowing live malware or hacking activities on your network.

  • Enables proof of detection capability and reliability of detection across diverse network environments
  • Enables us to rapidly prototype and deploy new and custom detections
  • We can cost-effectively demonstrate detection capabilities in live customer environments

Actionable Security Cases

Related security events are correlated, prioritized, and summarized

True Workload Reduction

Security teams are being overwhelmed by security alerts. The average company receives 17,000 alerts a week; only 4% of them are investigated. Few are actionable.

SignalSense groups related security events into cases. We describe the event activity in clear English and prioritize the most urgent cases. Most importantly, the cases include the information that SecOps needs to make the case actionable.

Enterprise Scale

Intelligence and Scale

With Scale Comes Complexity

The SignalSense team has decades of experience designing, operating and securing the world’s largest, most complex networks. Our product understands load balancers, content distribution networks (CDNs) and enterprise topology. We’ve also engineered an abstraction layer to make detections more valuable, presentation more obvious and security cases more actionable.

All of this intelligence is shared from our private auto-scaling cloud.  When it comes to scale… and complexity, we have you covered.

Network Traffic Analysis

Urgent need for network intelligence

Growing Number of Devices Without Agents

Cyber Intelligence derived from network traffic offers unique insight into threatening activity.  Our detectors benefit from access to all network traffic, an understanding of your network topology and information about internet services.

It is predicted that the number of devices connected to the internet will expand by over 25 billion devices over the next five years.  Many of these will be IoT devices that will not accommodate security agents.  Also of note, many experts are reluctant to install security agents on servers.  For securing these devices, Network Intelligence is not just “nice to have”, it’s a necessity.

Proven Team of Security Experts

Decades of military, government and commercial cyber experience

Broad Range of Offensive and Defensive Experience

We’ve assembled a world-class security team with a wide range of expertise in offensive and defensive cyber technology including reverse engineering, exploit and implant R&D, custom hardware design and manipulation, and covert data communication. Not only are they security experts, they are industry veterans who have delivered security products and services that have generated hundreds of millions of dollars in cybersecurity revenue.

End-to-End Visibility

Network Visibility

Detection of a Full Range of Kill Chain Activity

Our dynamic security cases are built from real-time detections observed on the network through a variety of sophisticated data science techniques. Taken together, these detections represent the ability to detect a wide variety of the most threatening attack campaigns. We employ a vast and growing variety of detections for each category of cyber threats that follow.

  • Network Reconnaissance & Setup

  • Command and Control Traffic

  • Evidence of Exploited Systems

  • Indicators of Data Exfiltration

  • Protocol Exploitation

  • Credential Abuse

  • Network Traffic Anomalies

  • Suspicious New Hardware

  • Suspicious Public Endpoints

  • Network Context Derived Detection

  • Never Before Seen Behavior

  • Indicators of Ransomware

  • Customizable Detections

  • And More