Network Insight (formerly Damballa Failsafe) is an advanced threat detection system that automatically and accurately identifies hidden infections, in real time, on live traffic. Built on over a decade of scientific research and big data visibility, Network Insight rapidly detects infections before the attack cycle is complete, so that security analysts can both eliminate the threat and minimize damage, enabling rapid recovery and remediation.
Uncovering Compromised IoT Devices
High end IoT devices are critical in many industries, but don’t have antivirus or any other form of scanning technology, and often can’t be patched. Unfortunately, these vulnerabilities make IoT devices ideal targets, though it is difficult to tell when a device is infected.
Network Insight is an agentless solution, giving it the flexibility needed to monitor network traffic for any device, including SCADA Systems, Point of Sales (POS) systems, and healthcare devices like MRIs and X-Ray machines. Infection can be determined based on data observed within the environment, as well as through leveraging Network Insight’s massive database of threats.
Evidence Based Confirmation and Prioritization of Infection
Network Insight detects advanced persistent threats (APTs) by observing device behavior in real time, continually capturing and correlating evidence using multiple detection engines to arrive at a verdict of “suspected” or “infected.”
From there, the Case Analyzer, a context aware threat intelligence engine, confirms the infection, and a series of risk profilers assess and prioritize the infection based on the determined risk level. Members of your organization’s security team will receive evidence and truly actionable alerts. Network Insight reduces alert fatigue by only sending notifications when it is time to act, shortening dwell times, preventing data loss, and ensuring swift remediation.
Network Insight enables immediate action to these threats by instantly alerting response teams in their preferred platform, with notifications in SIEM, SYSLOG, or email, and automatic ticket creation in systems like Service Now or Jira Service Desk.
Personalized Dashboards for Enhanced Visual Information
Network Insight has an intuitive interface with dark mode enabled dashboards that users can tailor to get the information they need. Get visibility into Network Insight's findings, threat and asset status, as well as ongoing trends within your network. See detailed data on currently infected assets, average infection age, riskiest infected assets, newly infected assets, and more.
“In order to stop today’s advanced threats, first you have to detect them. Our traditional security controls weren’t doing that. That’s where [Core Security] comes in.”