- In-house probe(s), internal/external analysis server and analysis tools
- Detecting compromises when your automated solutions have been hacked and assisting against in-house human errors and behaviour, while providing an increased understanding of your network.
Based on a non-intrusive, passive network probe situated inside the network, Derant's Compromise Detection performs deep anomaly analysis, identifying subtle abnormalities, revealing known and unknown attackers. The solution is 100% independent of signatures, patterns, AI and other statistics. It also detects unknown code, unknown attackers and unknown modus operandi. The solution does not try to guess what a hacker will do – it identifies non-approved activities.
Up to 90% of all compromises are due to human mistakes, either by users or in the IT-department (forgotten patches, firewalls not working as expected, configuration errors etc.). Derant’s solutions have proven to detect compromises exploiting these human mistakes.
Attacks commonly use legitimate processes, hiding their illegitimate efforts ("living off the land"). Derant has warranted finding such compromises, where automated solutions have failed.
The compromise detection works equally well on administrative networks and production networks, SCADA & IoT with proprietary protocols.
Current clients describe Derant’s solution as the “last line of defence” – the solution detecting compromises surpassing existing security measures.
The solution is also offered as a managed service, where Derant’s specialists perform the analysis and evaluation of anomalies.
Contact us to hear how we can provide your last line of defence against compromises already in your network.