Unlogged Activity Detection
In conjunction with enterprise log correlation tools (Splunk, ELSA, LogRhythm, etc.), quickly detect and sessionize network activity that may have been removed from log buffers prior to being written to disk.
Data Exfiltration Detection
Log exfiltrated files with 5-tuple indexing and hash details for comparing data, taking action and retrieving sessionized PCAPs for forensics.
Phishing Preparation Detection
Detect and log all URIs traversing the network, from targeted phishing emails to web traffic, and alert when internal traffic accesses those URIs, automatically sessionizing the corresponding traffic for human validation and remediation.
Malware Infiltration Detection
Detect, classify and extract objects (files, URLs, IP addresses, etc.) in real time to inspect and take appropriate actions to enrich cyber investigations and generate alerts.
Indicators & Signatures Alerting
Multi-level signature and behavior event session search and logging, with visualization through the DPI visualizer. Configure groupings of signature and unusual-behavior alerts dynamically while in the fight. Real-time IDS alerting generates event logs for HTTP, files, DNS, email, user agents, TLS/SSL and VoIP, all automatically correlated with PCAP and IPFIX flow records.