Advanced Threat Detection with Core Network Insight

Core Network Insight

Get complete visibility into network threat-related activities.

Core Network Insight

Divider text here
Core Network Insight (formerly Damballa) is an advanced threat detection system built on nearly a decade of scientific research and big data visibility. It automatically and accurately identifies hidden infections in real time on live traffic.

No More Alert Fatigue

You’ll only hear from Network Insight when it’s time to act. When Core Network Insight confirms a device is infected by advanced persistent threats or malware, it presents a full case of evidence, prioritized by risk. Thus, no more false positives, only serious alerts.  

How Does Network Insight Work?

Network Insight works in three stages:

1. Detect

Network Insight observes device behavior over time. It is continually capturing and correlating evidence using multiple detection engines to arrive at a state of ‘suspected’ or ‘infected.’ 

2. Confirm

The Case Analyzer, a context aware threat intelligence engine, confirms the infection, and a series of risk profilers assess and prioritize based on the determined risk level. 

3. Respond

Members of an organization’s security team receive definitive evidence so they can rapidly prevent loss on high-risk devices while blocking activity on the rest.

Protecting the Internet of Things

Do you know the status of every device in your organization? Most security products only protect a fraction of all endpoints or require an agent to be installed in order to monitor them. This leaves far too many IoT devices unprotected, including: security cameras, video conference units, MRIs, CT machines, SCADA systems, or even connected coffee makers and refrigerators. Network Insight is agentless, as well as OS and platform agnostic, covering any and every device in your network. 

Prevent What You Can, Detect What You Must

Divider text here
Cybersecurity plans often focus primarily on prevention, which is a critical component of network safety, but it’s not the only module to consider. In today’s world of advanced threats, the benefits of detection solutions like Network Insight are just as clear and crucial:

  • Shorten the lifespan of infections – Our network appliance automatically and accurate detects active yet hidden infections within seconds, minutes, and hours instead of the weeks it takes an organization, on average, to currently find an infection. 
  • Reduce risk of Damage – The more time an infection spends on your network, the more harm it can cause your IT environment. Fast detection is the key to rapid removal.
  • Save time and resources – When Network Insight determines an infection is NOT present, it automatically closes the case. 


Divider text here
Analyze behaviors on computers icon

Analyze Behaviors

Analyze network behaviors, malicious payloads and threat actor / APT activity.
Verify evidence in folders icon

Verify Evidence

Pass information to an automated Case Analyzer which corroborates evidence.
Validate infections icon

Validate Infections

Confirm true positive infections and apply risk-ranking.
Prioritize workflow icon

Prioritize Workflow

Present response teams with prioritized workflow for immediate action.

See it in Action!

Divider text here