Perception is a dedicated cyber security tool designed to find malicious activity or configuration vulnerabilities on a network regardless of source or exploit. It analyses all network traffic at a network core, or multiple cores, and identifies types of behaviour of that traffic. It then carries out anomaly detection, and then carries out deeper analysis on the more unusual traffic through the network. The data collected by Perception includes everything an analyst could need to discover malicious activity, possible network vulnerabilities, or network misconfigurations. This data is presented to the analyst in the most simple format possible, so they can rapidly triage each behaviour, and with packet captures collected, they're able to see exactly what was travelling through the network if anything looks suspicious. We believe Perception can increase the efficiency of any analysis team by an order of magnitude, why don't you contact us for a free trial to see for yourself?
The Perception sensor is a 1U high blade server that plugs into a SPAN port or utilises a network tap. Completely invisible to the network, it has no effect on speed or network performance whilst it monitors. Multiple sensors can be used on the same network if multiple network cores are present, and they all send behavioural information back to a Central Correlation Server (CCS).
Introduced in our version 2.0 software update, ForensicAI is a feature built into the Perception CCS that is designed to generate alerts from the behaviours that Perception sensors generate. We spent a long time monitoring how our analysts identify vulnerabilities and malicious activity on a customer network, and built an artificial intelligence to mimic this task.
ForensicAI monitors all behaviours generated from the sensors and constantly correlates them with one another. As a result, the system can identify suspicious behaviour from a series of seemingly unconnected and benign individual activities over an extended period of time. ForensicAI allows Perception to generate alerts with extremely low false alarm rates and incredible detection rates.