
FileTAC provides dynamic analysis and detection capabilities that enable identification and response to a variety of cyber threats targeting enterprise networks:

• Breach Detection
• Exploitation Techniques
• Intrusion Attempts
• Malicious Actors
• Suspicious Behavior

Key features include:

• High-Performance Network Inspection
  » Monitoring network traffic at throughput speeds from 100 Mbps to 40 Gbps
  » Full session analysis leveraging behavioral and advanced analytical techniques - including Machine Learning (ML) - to identify and respond to anomalous suspicious behavior
• Turnkey physical and virtual appliance form factors
• Physical appliances provide excellent data center economics - minimizing data center footprint (via 1U form factor), power, and cooling needs
• Appliances collectively managed via single pane of glass
• Ingests data in-motion, data in-use, and data at-rest
• Complex threat hunting tasks are automated by leveraging intrusion analysis, intrusion detection, incident response, and event triage
• Alert on malicious network activities, investigate, and perform forensics analysis to determine root cause and then respond using event triage and mitigation
• Multiple Inspection Techniques
  » Deep File Inspection (DFI) employs detection logic at numerous layers to uncover a wide variety of attack and exploitation techniques
    » » Rapidly dissects files to expose evasions and malicious content within embedded logic (macros, scripts, applets), semantic context (spreadsheet cells, presentation words, etc.), and metadata (author, edit time, page count, etc.)
    » » Full artifact inspection including session-level metadata (web headers), domains, files, hashes, headers, IPs, SSL certificates and URLs
    » » Optical Character Recognition (OCR), Computer Vision, and Perception Hashing used to inspect embedded images for presence of malware
  » Machine Learning (ML) incorporates advanced algorithms that leverage supervised classifiers and unsupervised clusters - designed to query vast amounts of data, discover patterns, and generate valuable insights
  » Algorithms are leveraged to identify/pinpoint threats without the use of IOCs
  » Sandbox integrations
  » Multi-scanning technologies
• Breach Detection and Containment
  » Full visibility of all inbound and outbound enterprise network traffic flow to determine whether a breach has occurred
  » Identifies Command and Control (C2) activity associated with advanced persistent threats (APTs) by performing behavioral analytics and leveraging unique Indicators of Compromise (IoC) acquired and curated by InQuest Labs
  » Detects and/or prevents C2 activity of sophisticated actors and their tradecraft - ultimately reducing the dwell time that can eventually lead to data leakage or exfiltration
• Emerging Threat Detection
  » Inspection engine utilizes heuristics and signature-based analytical pipelines to identify real-world emerging threats - blocking Zero-Day attacks and N-Day attacks
• Retrospective Malware Detection
  » Via RetroHunting, files are inspected for latest threats to ensure even the most sophisticated attacks don’t go undetected - even if initially missed
• Data Loss Prevention
  » Inspection of all file content and context to identify data exfiltration - ensuring sensitive information never leaves your environment
• IQScore
  » Each file is dissected into an array of artifacts - each artifact is then given an IQ Score
  » Scores are driven by all available intelligence including discrete, heuristic, and ML score contributors
  » Threat receipts show intel sources at-a-glance
  » Signature pairings for "heating" and "cooling" based on latest threat intel
  » Block, alert, investigate recommendations give SecOps clear guidance on enforcement policy
• Proactive Threat Intelligence
  » Built-in incident response workflow, remediation, and breach containment alleviate investigative workflows for your operators
  » Provides the ability to proactively track and hunt for emerging threats that have targeted your environment
• RetroHunt Capability
  » SecOps personnel can retrospectively identify the most sophisticated threats to determine which assets have been impacted
• Invisible to outsiders / attackers

InQuest's Integrated Cloud Email Security solution, MailTAC, leverages Deep File Inspection® technology to swiftly dissect files to reveal threats, even when malicious content is embedded within macros, scripts, applets, spreadsheet cells, or metadata. MailTAC provides valuable insights through header and link analysis so you can proactively detect and prevent potential threats. Scan deeper, learn faster, and be ready for any emailed threat. Whether the threat is hitting your network for the first time, or has been hiding on your servers undetected, our email security solution has the tools you need to find it, uncover it, and stop it in its tracks.

Harness InQuest’s unique perspective and insight to find threats months before the competition. Our Threat Intelligence team gathers and analyzes unique data sources from open source industry feeds, as well as InQuest proprietary data sets, to provide you with leading edge and highly-trusted indicators of compromise so you can stay ahead of emerging threats and reduce dwell times.

High-speed and high-volume analysis and detection against your enterprise network traffic. Gain full visibility of your network traffic, automate threat hunting, detect cyber threats, and empower your SOC team with the most advanced analysis and response capabilities anywhere.

InQuest is a cybersecurity company specializing in threat detection and prevention solutions. It offers advanced malware analysis, threat intelligence, and data leak prevention services to protect organizations from cyber threats. InQuest's platform integrates machine learning and human-driven analysis to provide real-time insights and comprehensive threat coverage. The company focuses on ensuring robust email security, protecting sensitive data, and enabling organizations to effectively respond to cyber incidents.