Resolution1 Security

 
Resolution1 CyberSecurity


Confidently respond to, validate and resolve security incidents in a fraction of the time it takes using traditional approaches.

 
 
 

Leverage ThreatBridge™ to Hunt for Threats

Leverage intelligence in any format, from simple to complex, to search for and identify compromised endpoints and automatically take action.  CyberSecurity’s ThreatBridge™ module supports the use of custom, open source or commercial intelligence and current formats including Indicators of Compromise (IOCs), YARA rules, CSV, JSON, XML, STIX, zip, feeds, HTTP and FTP.

 
 

Identify Compromised Endpoints

Once CyberSecurity validates an IOC, the system automatically sweeps endpoints for signs of the compromise.  In addition, Endpoint Threat Alerting will automatically trigger an alert any time a threat indicator is found on an endpoint and initiate the appropriate response action.

 
 

Eliminate Blind Spots

Identify threats as they happen, no matter where in the environment they occur: network, endpoint or mobile (iOS & Android). Protect your endpoints on and off the network.

 
 

Respond Immediately

Integrate SIEMs, next-generation firewalls/detection systems and alerting tools with endpoints to automatically link disparate information and enable top-to-bottom visibility and effective response.

 
 

Triage & Validate Suspected Incidents

Automatically harvest rich system data from endpoints and correlate that information against threat reputation services, advanced threat detectors and threat intelligence to deliver confirmation that an endpoint is compromised. Security analysts can quickly view the triage package to see which artifacts on an endpoint, such as processes or network connections, are related to a given event, without using multiple point products or analyst time.

 
 

Record Key Events

Protect your systems by recording key events and automatically delivering a timeline related to a suspected incident along with the prioritized alerts. The Endpoint Threat Monitoring protection technology records activity (file, process, registry, network, DNS and URL), even if malware is cleaning up forensic traces or slow rolling. The “flight recorder data” will remain intact and fully expose how the breach happened, what was taken and who else was involved, well after the initial breach has occurred.

 
 

Automatically Remediate & Take Action

Immediately halt data exfiltration and lateral movement from endpoints using endpoint isolation, process halting, file wiping, anti-virus scans or custom scripted routines on the endpoints.

 
 

Automate Incident Response Workflows

Easily create and customize response workflows specific to the organization.  Automatically kick off remediation or deep analysis actions by leveraging the alert response workflow engine to define trigger rules as well as the appropriate response.

 
 

Perform Malware Triage & Analysis

Analyze executables on the fly at the endpoint or from the network sensors as executables are downloaded from the internet. The Resolution1 malware analysis engine, Cerberus, provides threat scores and disassembly analysis to determine both the behavior and intent of suspect binaries.

 
 

Perform Network Content & Pattern Analysis

Build integrated maps of assets or users to see after-hours usage spikes and anomalous data traffic, and to identify malware, malicious insiders and advanced exploits that cannot be seen by signature-based perimeter defense and alerting tools. See how proprietary or inappropriate information proliferated, independent of keyword or linguistic matching. Use interactive graphical representations to efficiently analyze users, hosts, domains, applications, protocols and addresses, detecting changes or abnormalities from established network baselines.

 
 

Store & Catalog Network Data

Store and catalog network data into a central repository enabling playback of the exact sequence of events to ensure effective and accurate investigations.

 
 

Monitor Mobile Devices for Threats

Monitor mobile devices on the network (Android and iOS) for possible intrusion points, data loss or other threats.
