Detect More Threats, Faster and Respond With Greater Intelligence
Today’s rapidly expanding, clouds and data centers have become prime targets for infiltration and attacks with alarming frequency. Security teams are hard pressed to keep pace with the staggering rate of breaches. GuardiCore Centra is the the only solution that provides a single, scalable platform with real time threat detection and response capabilities featuring the following key attributes:
Multiple Detection Methods
Threat detection methods – Dynamic Deception, Reputation Analysis and Policy-Based Detection, simultaneously form a strong security net, virtually ensuring that any live breach is caught, mitigated and contained for in-depth investigation.
Made for the Cloud
Patented Dynamic Deception with additional methods designed for the unique requirements of the cloud provides coverage against attack vectors that other product miss.
Integrated Response
Real time threat detection coupled with actionable intelligence and exact know how about the attackers tools and methods with real-time response recommendations and actions.
Detailed Forensics
Incident data is presented in a human-readable fashion alongside the evidence including indicators of compromise, relevant artifacts and the identifying characteristics of human attackers vs. bots.
See the Entire Attack, Block Lateral Movements and Reduce Dwell Time
Detect
Multiple threat detection methods address all types of threats
- Distributed, dynamic deception engages attackers and identifies their methods without disrupting cloud or data center performance.
- Reputation analysis detects suspicious domain names, IP address and file hashes within traffic flows.
- Policy-based threat detection enables instant recognition of unauthorized communications and non-compliant traffic.
Investigate
Automatic analysis provides high-fidelity incident data
- Collects the entire attack footprint – the files and tools being used and uploaded, and the arsenal of weapons that the intruder activates.
- Performs deep forensics to expose user credentials, attack methods, propagation tactics and more.
- Accelerates investigations with intuitive tags that help to identify and sort significant attack characteristics and trends.
Respond
Mitigation recommendations and platform integrations accelerate incident response
- Automatically export IOCs to security gateways, SIEM and ticketing systems to block, contain and investigate attacks.
- Quickly update segmentation policies to remediate traffic violations with a single-click.
- Trigger actions on VMs – suspend, halt, disconnect or snapshot – to prevent the spread of damage from ransomware attacks.
What Are the Common Cloud Security Threats?
Source: “Cloud Security: Defense in Detail if Not in Depth” Survey, November 2017, SANS Institute
53%
Denial of
Service Attacks
42%
Account or
credential hijacking
35%
Exploit against hosting
provider vulnerability
22%
Sensitive data exfiltration
directly from cloud app
22%
Privileged
user abuse
10%
Adversary pivoting from
cloud to internal systems
“GuardiCore enables us to enhance our overall data center security strategy and help our IT security team to avoid today’s advanced threats.”
Marino Aguiar
CIO, Santander Brasil
“GuardiCore gives me the ability to immediately isolate process or connection-based anomalies and view them with unprecedented clarity.”
Michael Lamberg
Vice President and Chief Information Security Officer
Learn More About Threat Detection and Response
Solution Brief
Breach Detection Spotlight: Reputation Analysis
Reputation analysis adds a valuable early-warning dimension to your breach detection capabilities.
Solution Brief
Breach Detection Spotlight: Dynamic Deception
Deception technology helps security teams to detect the attacker’s methods, motives and even identity.
Blog Post
Leveraging Micro-Segmentation to Accelerate Breach Detection
See how GuardiCore Centra integrates micro-segmentation with breach detection, analysis and response capabilities..
Ready to see the GuardiCore Centra Security Platform in Action?