Digitalware Intelligent Hub, Threat Visibility in Depth
Digitalware Intelligent Hub (DIH) is a big data platform for unified threat detection and mitigation. DIH combines the visibility from your existing and future tools with advanced machine learning, providing an unprecedented level of insight across your endpoint health, anomalous network behavior, and perimeter activities.
DIH scales at the speed of your environment. By leveraging proven big data platforms, DIH can handle all security data streams in a customer’s environment. With each stream, DIH enhances threat detection and provides richer context for investigation and rapid pinpointing of threats that require immediate action.
As an open platform that allows you to quickly integrate your current suite of security tools and endpoint protection suites, DIH enables a single view that provides an analyst with a full picture of the security state of the environment. As customers’ environments grow and evolve, data feeds, alerts and logs from additional tools can be quickly added to DIH making it the central hub for SOC analysts and cyber hunters.
DIH can be deployed quickly and without disruption to your network and IT operations. Our containerized hardware / VM appliances can be installed in a day in your data center. Customers can also choose to run DIH on the public cloud of their choice. Customers can adopt a hybrid model where logs and feeds are aggregated locally then sent upstream to a cloud installation.
- Advanced Machine Learning: DIH analytics combines the best of both worlds: known threats and identified IOCs from existing tools and monitoring networks, coupled with DNS and perimeter activities, to discover unknown threats and eliminate duplication of alerts
- Rapid Scalability: Using a proven big data platform, DIH can keep up with the velocity and mass of the largest environment
- Modular Approach: DIH allows you to take advantage of existing tools and plays well with many security vendors. This enables our customers to customize the deployment to their needs, while future-proofing their investments
- Full Visibility: DIH allows your resources to access feeds and alerts in a single console. This saves countless hours chasing threats across multiple tools and increases detection and response speed
- Flexible Deployment: the DIH model supports our customers’ ability to leverage existing datacenter capacity or take advantage of the cloud to minimize time to value
Currently DIH offers the following deployment options:
| Deployment option | Description |
|---|---|
| DIH Basic | Log ingest, analytics, alerting for Perimeter devices + Internal DNS, Proxy |
| DIH CrowdStrike Module | Integrates alerts and visibility from endpoints enabled with CrowdStrike |
| DIH Tanium Module | Integrates alerts and visibility from endpoints enabled with Tanium |
| DIH Open DNS Module | Integrates visibility gained from DNS queries from Open DNS clients |
| DIH FireEye Mail Feed | Integration with the leading threat intelligence feeds leads to superior identification of malicious links and attachments |
| DIH Enterprise | DIH Basic plus integration of Active Directory logs and internal network flows |
DIH Converged Endpoint
Worldwide, companies are realizing that having single-vendor endpoint protection is no longer sufficient to address the new generations of threats. With the perimeter of any modern company eroded by the increased level of cloud services consumption and the need to collaborate with partners outside the firewall, the endpoint is at the center of threat management. According to Verizon’s Data Breach Report (DBR), most data breaches are now initiated from either a compromised user computer or a compromised credential. Additionally, 2016 has seen an unprecedented increase in ransomware incidents, some of which crippled organizations financially and put their brand reputation at risk, with very little understanding of how it happened.
Digitalware Converged Endpoint solution allows companies to take advantage of multiple best of breed endpoint protection solutions to ensure the highest level of protection.
Step 1 – Digitalware manages the deployment of the solution to all endpoints in your environment.
Step 2 – Digitalware monitors all your endpoints from our world class SOC. Alerts, threats and updates are managed centrally by our security analysts. Our SOC analysts handle first response to threats, alerts and incidents.
Step 3 – Digitalware’s complete incident handling enables our analysts to work directly with a client team when an incident occurs and actions are needed.
Our proprietary threat management analytics allow us to combine data from threat intelligence feeds and endpoint telemetry to quickly identify known and unknown attacks, responding by containing threats before the attacker gains persistence in your environment.
Currently Digitalware’s Converged Endpoint managed service solution supports the following endpoint protection solutions:
- CrowdStrike Falcon host
- McAfee EndPoint Protection Solution
iSOT (Internet Security of Things)
Digitalware’s ISoT services embed a security-first approach to build out an effective secure IoT solution. End-to-end security spans from the sensors all the way through the cloud, inclusive of secure management, encryption of data in transmission and at rest, authentication, authorization and access control. It is completed with active cybersecurity monitoring that protects the integrity and security of your data.
DIH Managed Email Protection
Email is becoming one of the most prevalent threat vectors today. According to the SANS Institute, 95 percent of all attacks on enterprise networks are the result of successful spear phishing (Source: SANS Institute). Digitalware recognizes that there is no silver bullet for protection against threats. While user awareness training may be helpful in raising awareness and reducing click-through by end users, having advanced technical controls remains a must to minimize the chance of successful attacks. Digitalware Email Protection managed service offers a mix of best-of-breed protection solutions combined with active human management, machine learning analytics and aggregated threat intelligence feeds. These components offer our clients the most comprehensive email protection in the market today.
Why is Digitalware Managed Email Protection superior?
Our solution combines the following layers of protection:
- Email security for mailboxes
- Integration with the leading threat intelligence feeds, leading to superior identification of malicious links and attachments
- Advanced analytics of sender/recipient relationships
- Multi-engine malware scanning against malicious attachments
- Advanced sandboxing technology from FireEye
- SOC Analyst investigation and response capabilities
- Email header analysis