시큐비스타

Real-time Next Generation NDR

PacketCYBER

PacketCYBER protects customers from advanced threats with deep visibility and control over the entire intrusion kill chain, from Initial Exploitation to Data Exfiltration.

[PacketCYBER] 250Mbps, 500Mbps, 1Gbps, 2Gbps, 10Gbps

Key Features (Only PacketCYBER)

Real-time TLS Visualization and Threat Detection
  • Obsolete encryption protocols with weak security
    e.g. TLS1.0, TLS1.1, SSL1.0, SSL2.0, etc.
  • Weak cryptographic algorithms
    e.g. NULL, RC2, RC4, DES, IDEA and TDES/3DES
  • Deprecated key exchange mechanisms
    e.g. RSA and DHE keys shorter than 1024 bits, ANON, EXPORT
  • Expired or soon-to-expire certificates
Real-time File Inflow and Outflow and Malware Detection
  • Machine Learning (ML)
  • File reputation
  • YARA Rule
  • Mal-doc detection scripts
Real-time Attacker TTP Detection
  • Port scanning
  • Address scanning
  • Web-based malware transmission
  • Email-based malware transmission
  • Drive-by-download behavior
  • SSH password brute force attack
  • FTP password brute force attack
  • RDP password brute force attack
  • Network intrusion (exploit)
  • Application Exploit
  • Suspicious outward-facing communications
  • Covert Channel
  • C&C detection
  • C&C evasion technology (DGA/Fast-Flux)
  • Suspicious data leak (Large Upload)
  • SSL/TLS fingerprint-based malware detection
Providing Network-Based Threat Visibility
  • Gain visibility into all network activity that is difficult for attackers to hide
  • Provides all communications metadata for activities such as initial network-based C&C, discovery, or internal reconnaissance activities that do not generate log events
  • Increases visibility of threats occurring in embedded systems and servers where EDR agents cannot be installed
Securing Business Value
  • Increase business continuity by proactively blocking threats missed by perimeter security such as existing signature-based tools and network sandboxes
  • Keep your network secure, ensuring availability and efficiency of critical business systems
Minimizing Damage through Early Attack Detection
  • Minimize damage from threats that existing security solutions failed to detect by detecting advanced threats, such as malware and abnormal network behavior, in real time
  • Block initial attacks by monitoring traffic that uses vulnerable encryption protocols and encryption algorithms
Efficient Security Monitoring and Threat Response
  • Increases the immediate response capability of security monitoring by confirming threats behind abnormal internal network activity
  • Increases security monitoring efficiency by reducing MTTR (Mean Time To Recovery)
  • Efficient security monitoring with the ability to easily identify the root cause of threats using automatic cross-session data