Cryptomage Cyber Eye™ - more than a network probe
Cryptomage Cyber Eye™ is a Network Detection and Response (NDR) class network probe. It is a dedicated network device based on Intel® FPGA technology and proprietary artificial intelligence (AI) and machine learning (ML) circuitry that analyzes network traffic in real time.
Probe Cryptomage Cyber Eye™ is not only an excellent tool for analyzing network infrastructure traffic. It also provides real-time detection and prediction of non-standard network events and a unique approach to network traffic analysis, with a combination of protocol behavior analysis, packet analysis and host communication behavior analysis - supported by ML and AI algorithms. While most such devices focus their functionality on monitoring user and host behavior, the Cryptomage Cyber Eye™ also includes algorithms that give insight into unusual low-level network behavior.
Threat detection
Threat detection provides a thorough inspection of every single packet on the network usingvalidation of known network protocols andmachine learning algorithms, for proactive risk determination.
Detection of personal data leaks (RODO)
- Checking network packets for document numbers, PESEL numbers, bank accounts, among others
- Generating reports for Data Protection Officers.
Network Monitoring
Proprietary methods for creating and examining metadata that go well beyond traditional NetFlow analysis.
- Behavioral analysis of protocols and anomaly detection
- Passive mode - acting on a copy of the traffic does not affect network traffic latency
Event management
- Instant and seamless integration with SIEM, SOAR and NGFW class systems
- Risk assessment of each event and effective hazard assessment
- Built-in analytical tools and charts
- Ability to configure custom event triggers
Forensics
- Extraction and storage of high-risk network traffic - makes it easier to analyze and focus on specific threat levels
- Storage of processed metadata in expanded format - for faster analysis of behavior and patterns
Rules of the road
- Separate configuration for each subnet - ability to keep key threat areas in focus
- Ability to manually define high-risk elements - specific requirements for specific risk areas
Easy administration
Not requiring the sacrifice of large amounts of work.
- Web-based administrative interface - flexible and easy to use
- User management - defining users in different roles and full accountability of their actions in the system
Cyber Eye™, a Cryptomage product, is a complementary tool that can be deployed with IDS, UTM and/or NGFW to support and enhance, existing security systems. The probe, in combination with other components, provides more information and context about threats that are not signature-based. Thus, it enables the customer to take effective action to protect assets.
As a result of installing the Cryptomage Cyber Eye™ probe, organizations can identify, monitor and segregate traffic flows, connections and potential malicious events within them. This provides IT teams with enhanced security and process automation, enabling faster detection and prevention of multiple threats. The solution also enables flexible configuration of device parameters, event prioritization and the addition of modules.