Core Network Insight

Automated Breach Defense

Network Insight (formerly Damballa Failsafe) is an advanced threat detection system that automatically and accurately identifies hidden infections, in real time, on live traffic. Built on over a decade of scientific research and big data visibility, Network Insight rapidly detects infections before the attack cycle is complete, so that security analysts can both eliminate the threat and minimize damage, enabling rapid recovery and remediation.

Uncovering Compromised IoT Devices

High end IoT devices are critical in many industries, but don’t have antivirus or any other form of scanning technology, and often can’t be patched. Unfortunately, these vulnerabilities make IoT devices ideal targets, though it is difficult to tell when a device is infected.

Network Insight is an agentless solution, giving it the flexibility needed to monitor network traffic for any device, including SCADA Systems, Point of Sales (POS) systems, and healthcare devices like MRIs and X-Ray machines. Infection can be determined based on data observed within the environment, as well as through leveraging Network Insight’s massive database of threats.

Evidence Based Confirmation and Prioritization of Infection

Network Insight detects advanced persistent threats (APTs) by observing device behavior in real time, continually capturing and correlating evidence using multiple detection engines to arrive at a verdict of “suspected” or “infected.”

From there, the Case Analyzer, a context aware threat intelligence engine, confirms the infection, and a series of risk profilers assess and prioritize the infection based on the determined risk level. Members of your organization’s security team will receive evidence and truly actionable alerts. Network Insight reduces alert fatigue by only sending notifications when it is time to act, shortening dwell times, preventing data loss, and ensuring swift remediation.

Network Insight enables immediate action to these threats by instantly alerting response teams in their preferred platform, with notifications in SIEM, SYSLOG, or email, and automatic ticket creation in systems like Service Now or Jira Service Desk.

Personalized Dashboards for Enhanced Visual Information

Network Insight has an intuitive interface with dark mode enabled dashboards that users can tailor to get the information they need. Get visibility into Network Insight's findings, threat and asset status, as well as ongoing trends within your network. See detailed data on currently infected assets, average infection age, riskiest infected assets, newly infected assets, and more.

Datasheet Testimonials

“In order to stop today’s advanced threats, first you have to detect them. Our traditional security controls weren’t doing that. That’s where [Core Security] comes in.”

- Fortune 500 Entertainment Company
Sidebar Datasheet


Key Features

  • Real-time capture and correlation of evidence to detect APTs
  • Automated Case Analyzer to confirm infections
  • Agentless functionality to enable monitoring of every device, including high-end IoT
  • Threat intelligence API to determine the risk status of domains
  • Interactive, personalized dashboards with dark mode capability
  • Searchable database with details on different threats
  • Integrations with other solutions like Carbon Black or Event Manager
  • Extensive reporting capabilities

Supported Browsers

  • Microsoft® Edge,
  • Microsoft® Internet Explorer 11
  • Firefox
  • Chrome

Hardware Requirements

  • One or more sensor appliances for monitoring
  • Management Console for analyzing both local and global intelligence

Workflow Integrations

Notify response teams using:

  • SIEM solutions
  • Email
  • ServiceNow
  • JIRA