Maltego Features

Lets users group and organize their endpoints to gather threat intelligence on specific technologies.

Reduces the need for IT and security professionals to iterate repetitive tasks associated with gathering threat information.

The process in which users integrate their existing security systems and endpoints to the threat intelligence platform.

The ability for users to produce reports outlining detailed and personalized threat information

Analysis for users to examine threat intelligence data specific to their endpoint devices.

Diagnose and resolve incidents without the need for human interaction.

Guide users through the resolution process and give specific instructions to remedy individual occurrences.

Cuts off network connection or temporarily inactivate applications until incidents are remedied.

Gathers information related to threats in order to gain further information on remedies.

Information on each incident is stored in databases for user reference and analytics.

Produces reports detailing trends and vulnerabilities related to their network and infrastructure.

Analyzes recurring incidents and remedies to ensure optimal resource usage.

Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.

Adminstrators can access and organize data related to incidents to produce reports or make data more navigable.

Administrators can organize workflows to guide remedies to specific situations incident types.

Requires verification of credit card, debit card, and money transfers prior to accepting payments

Monitors for and rids systems of bots suspected of committing fraud.

Constantly monitors system to detect anomalies in real time.

Alerts administrators when fraud is suspected or transactions have been declined.

Stores data from external or internal sources related to fake accounts, evaluating users for risk.

Actively gathers data on suspicious purchasing sources and characteristics of common committers of fraud.

Produces reports detailing trends and vulnerabilities related to payments and fraud.

Tags users suspected of committing fraud and identifies them upon return.

Rates each transaction's risk based on specific factors and their benchmarked scores.

Prevents previous committers of fraud from future transactions.

Provide a database or authorized and unauthorized resellers

Monitor online product and pricing information

Identify pricing or brand policy violations

Ability to warn resellers about violations

Provide plans to enforce pricing and brand policies

Track the effectiveness of enforcement activities

Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.

Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.

Identifies recently accessed files and applications for abnormalities and threats.

Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.

Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.

Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.

Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.

Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Facilitates the decryption of files and data stored using cryptographic algorithms.

Silently deploys on endpoints without alerting users.

Detects data movement to external USBs or external drives or uploaded to cloud storage or emails and excessive printer-usage.

Tracks activities taken on files or in applications, including save, print, or delete actions.

Sends alerts to administrators when users take insider threat actions .

Maintains active and historical evidence in a searchable format.

Provides risk scoring for suspicious activity.

Produces reports detailing trends and vulnerabilities related to their network and infrastructure.

Provides relevant and helpful suggestions for vulnerability remediation upon detection.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Records video or screenshots of endpoint sessions.

Logs keystrokes of users.

Analyzes user writing patterns to determine sentiment changes to identify disgruntled workers.

Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.

Stores information related to common vulnerabilities and how to resolve them once incidents occur.

Monitors data quality and sends alerts based on violations or misuse.

Aggregates real-time updates and historical data from multiplate internal and external data sources to support ongoing proactive threat response.

Detects new assets as they enter cloud environments and networks to add to asset inventory.

Identifies unsanctioned software.

Provides tools to track and implement required security policy changes.

Allows for vulnerability ranking by customized risk and threat priorities.

Gathers information about the system and potential exploits to be tested.

Uses machine learning to identify at-risk data.

Stores information related to common threats and how to resolve them once incidents occur.

Condenses long documents or text into a brief summary.

Allows users to generate text based on a text prompt.

Condenses long documents or text into a brief summary.

Condenses long documents or text into a brief summary.

Use AI to propose possible threat actor tactics, techniques, and procedures against specific environments or assets.

Use AI to automatically create detection rules based on observed patterns.

Use AI to produce concise summaries of complex threat reports or alerts.

Allows users to generate text based on a text prompt.

Condenses long documents or text into a brief summary.

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Works across multiple software systems or databases

Improves performance based on feedback and experience

Makes informed choices based on available data and objectives