FALCON DETECTION ENGINE
SOLUTION - FADE
Using our own endpoint and network agents, we generate and collect the right security telemetry
FADE automatically correlates and reports hundreds of indicators of behaviors for our hunters
Our hunters report accurate alerts that clearly indicate the presence of an adversary in the environment or a serious risk
Our solution provides comprehensive visibility into threats that were able to evade all other detection controls. We achieve this through real-time hunts and historical Machine Learning hunts for the early detection of outsider and insider attacks.
We leverage unsupervised Machine Learning algorithms to identify and flag outliers in the behavior of processes, users and devices. This allows the early discovery of stealth threats and other risks in the environment.
Our agents have a very low footprint and zero impact on the devices where they run. They collect only the data required for each hunt and don't overload the system with unnecessary calculations.
Our solution scales up to thousands of devices. It's very easy to deploy using standard software deployment solutions. It can be fully deployed in anywhere from hours to a few days.
STEP BY STEP
THIS IS HOW
Generates and collects endpoint security telemetry to provide adequate visibility into cyber attacks
Scans the security data in real time using our large library of more than 150 detection rules mapped to the MITRE ATT&CK framework.
Hunts through historical data using supervised and unsupervised Machine Learning algorithms to discover hidden attack patterns and stealth threats
Automatically enriches every event with additional contextual intelligence information available to our Threat Intelligence platform
Provides a feed of high-confidence security events containing rich contextual information and mapping to the MITRE ATT&CK framework
Provides a regular feed with information on all the new assets and applications discovered in your environment