SentryWire's Next-Gen Platform provides immense network throughput, limitless packet capture timelines, fast access to vast amounts of data, flexibility to use any analytics tools available and visibility into your enterprise. These innovative features make SentryWire the perfect platform for the following use cases.
SentryWire Use Cases
User Anomalous Behavior
Identify employees who use unapproved applications or use applications in ways that violate policy. Metadata about users, files and sessions is correlated with real-time threat information, and the correlations provide situational awareness and alerts.
Log exfiltrated files with 5-tuple indexing and hash information for comparing data, taking action and retrieving packets for forensics.
Network Access Control (NAC) Analysis
Receive real-time alerts of unauthorized network connectivity through 5-tuple indexing and logging, allowing the end user to compare the data to a known list of approved network access points.
Malware Infiltration Detection
Detect, classify and extract objects (files, URLs, IP addresses, etc.) in real time to inspect them and take appropriate actions that enrich cyber investigations and generate alerts.
Network Behavior Anomaly Detection (NBAD)
Detect deviations from normal network traffic behavior and correlate them to a 5-tuple index for root cause review.
Various Forensic Traffic Analysis Applications
Analyze captured data for suspicious traffic (such as non-DNS traffic over port 53, encrypted traffic over port 80, etc.) and alert users to what they deem suspicious user behavior.
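The port and protocol mismatch checks named above (non-DNS traffic over port 53, encrypted traffic over port 80) can be sketched as follows. This is an added example, not SentryWire code or its API; the flow record layout, the function names and the sample payloads are assumptions constructed for illustration.

```python
import struct

def looks_like_dns(payload: bytes) -> bool:
    """Heuristic: does a UDP payload parse as a DNS message with one question?"""
    if len(payload) < 12:                        # fixed DNS header is 12 bytes
        return False
    _id, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", payload[:12])
    opcode = (flags >> 11) & 0xF
    # Reject unassigned opcodes, a set reserved Z bit, or an unusual question count.
    if opcode > 6 or flags & 0x0040 or qdcount != 1:
        return False
    pos = 12                                     # walk the labels of the question name
    while pos < len(payload):
        length = payload[pos]
        if length == 0:
            return pos + 5 <= len(payload)       # room left for QTYPE and QCLASS
        if length > 63:                          # a label is at most 63 bytes
            return False
        pos += 1 + length
    return False

def looks_like_tls(payload: bytes) -> bool:
    """Heuristic: TLS handshake record carrying a ClientHello or ServerHello."""
    return (len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03
            and payload[2] <= 0x04 and payload[5] in (0x01, 0x02))

def check_flow(flow: dict):
    """Return an alert string for a port/protocol mismatch, else None."""
    if flow["proto"] == "udp" and flow["dst_port"] == 53 and not looks_like_dns(flow["payload"]):
        return "non-DNS traffic on port 53"
    if flow["proto"] == "tcp" and flow["dst_port"] == 80 and looks_like_tls(flow["payload"]):
        return "TLS-encrypted traffic on port 80"
    return None

def alerts(flows):
    """Pair each alert with the flow's 5-tuple so the packets can be retrieved later."""
    return [(f["src"], f["src_port"], f["dst"], f["dst_port"], f["proto"], a)
            for f in flows if (a := check_flow(f))]

# Constructed sample flows: documentation addresses and hand-built first payloads.
DNS_QUERY = (struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
             + b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1))
TLS_HELLO = bytes.fromhex("16030100c8010000c40303") + bytes(32)
FLOWS = [
    {"src": "192.0.2.10", "src_port": 50000, "dst": "198.51.100.53", "dst_port": 53, "proto": "udp", "payload": DNS_QUERY},
    {"src": "192.0.2.11", "src_port": 50001, "dst": "198.51.100.7", "dst_port": 53, "proto": "udp", "payload": b"SSH-2.0-OpenSSH_9.6\r\n"},
    {"src": "192.0.2.12", "src_port": 50002, "dst": "198.51.100.8", "dst_port": 80, "proto": "tcp", "payload": b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"},
    {"src": "192.0.2.13", "src_port": 50003, "dst": "198.51.100.9", "dst_port": 80, "proto": "tcp", "payload": TLS_HELLO},
]

if __name__ == "__main__":
    for alert in alerts(FLOWS):
        print(alert)
```

The checks look only at the first payload of a flow and cover DNS over UDP; DNS over TCP prefixes each message with a 2-byte length and would need that stripped first.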