Today, curious and knowledgeable youngsters are not the only concern for enterprises. Various attackers, including script kiddies, hacktivists, hackers, malicious insiders, cyber criminals, terrorists and even state-sponsored organized groups, are becoming more advanced and persistent in breaking the confidentiality, integrity and availability of enterprise information systems. More sophisticated and more intelligent defense solutions are required against these adversaries to prevent disclosure of enterprise information and loss of time, money, reputation and resources. CUSTOS equips enterprise security professionals with the tools they need for deep visibility into their information security and management systems. It is sophisticated enough to detect low and slow attacks, yet easy to deploy, maintain and use.
CUSTOS includes a fully automated risk management feature. By combining the enterprise network’s asset repository, vulnerability map, operational status and threats, current risks are evaluated continuously and new risks are identified. This fully automated process continuously tracks changing and developing risks as well as increasing and decreasing risks. CUSTOS provides detailed risk assessment reports with pointers to suitable risk mitigations, and urgent notifications when a contingent risk response is needed.
By analyzing the entire system and its current configurations, threats such as attacks, malware, policy breaches, network scans, rootkits, fraud operations and critical changes in the network are detected and identified. CUSTOS helps security professionals convert threat information into network protection.
After identifying the critical devices and running services in your network, you analyze your entire system to identify and classify its vulnerabilities: exploitable weaknesses that an attacker could use to break into your system. Vulnerabilities such as insecure configurations, software with known bugs, and missing patches and upgrades are periodically evaluated.
Using Deep Packet Inspection technology, network traffic is continuously monitored and evaluated against the normal characteristics model to identify and detect abnormal/undesirable traffic patterns, unusual events or trends and network behavioral irregularities. The high error rates of classical behavioral monitoring systems are compensated for by performing multi-stage analysis using available data on network assets and vulnerabilities.
Massive data flows generated by the various security tools already present in the enterprise network can be fed into CUSTOS. This data is analyzed and correlated efficiently according to built-in or user-configured rules to increase the detection rate and to create dynamic alarms.