Security Analytics

The ProtectWise Grid

ENTERPRISE SECURITY PLATFORM

[ RECORD EVERYTHING ]

Time Machine

The ProtectWise Grid™ combines unlimited visibility and the detection of complex threats that
develop over time, giving the security team the strategic advantage to hunt and investigate threats
through every stage of an attack. By harnessing the power of the cloud, ProtectWise has the unique
ability to create an unlimited retention window with full-fidelity forensics, automated retrospection
and advanced visualization—all with the ease and cost-savings of an on-demand deployment model.

[ ADAPTIVE NETWORK CAPTURE ]

Configure sensors to capture netflow, metadata, truncated flows or full-fidelity PCAP by protocol and application.

 [ UNLIMITED FORENSIC RECORDING ]

Measure impact of newly discovered attacks going back into weeks, months or even years of past data.

[ FLEXIBLE NETWORK COVERAGE ]

Deploy sensors quickly across complex networks to improve visibility without installing and maintaining hardware.

[ SECURE API ACCESS ]

Easily integrate with existing security monitoring and workflow tools using ProtectWise comprehensive APIs.

[ UNIFIED DATA HAYSTACK ]

Consolidate all network traffic into a single, secure data store in the cloud for more powerful analytics and network threat intelligence.

[ FAST, INTUITIVE SEARCH ]

Quickly search network traffic to find the data you need to speed incident response and determine if your network has been compromised.

[ SECURE & OPTIMIZED ]

How it Works

The ProtectWise lightweight software sensors quickly deploy anywhere in the network, on any kind
of network, to optimize and passively replay all network traffic into the secure cloud platform. You
can place an unlimited number of sensors at the gateway, in the DMZ, in the corporate cloud and at
the network core.

[ PAST, PRESENT, FUTURE ]

Wisdom Engine

The ProtectWise Wisdom Engine is the closest you will come to network omniscience. By using cloud economies of scale, it provides
powerful threat detection capabilities that are not possible using standalone appliances.
These include continuous cross-customer correlation of threat intelligence and the industry’s only automated retrospection capability.

[ NETWORK SHATTERING ]

Captures, and analyzes entire netflow using deep packet inspection of more than 4,000 applications and protocols.

[ TIME MACHINE ANALYTICS ]

Real-time intelligence triggers the retrospection and continuous rescoring of historical traffic.

[ REAL TIME & RETROSPECTIVE ANALYSIS ]

Detects threats in real time and automatically replays stored packets to discover previously unknown threats. Correlates intelligence from proprietary research, machine learning and flow-based traffic algorithms as well as multiple third party threat intelligence feeds.

[ COLLECTIVE NOISE REDUCTION ]

Collaborative correlation of security events across customers creates a feedback loop that de-noises the security environment. It’s a shared brain that constantly learns, adapts, reduces false positives, and eliminates alarm fatigue.

[ SEE. ASSESS. RESPOND. ]

Security Visualized

Cut through the noise to quickly identify and respond to the high-priority threats. The ProtectWise Visualizer is an overview
of your network security which allows strategic exploration into a deeper forensic workbench with powerful collaboration tools.
An immersive and intuitive experience is achieved through:

[ HEADS UP DISPLAY ]

Comprehensive view of network health. Includes attack spiral, timeline, connection graph, and prioritized security events.

[ SITREP ]

Situational reporting on security events by killchain stage, threat type and severity across past and current timelines.

[ KILLBOX ]

Advanced threat visualization, deep packet exploration, event tagging, alarm management and raw PCAP download.

[ NETWORK PROFILER ]

Full visibility into network traffic and bandwidth consumption. Set data capture and replay policies for all networks, applications and protocols.

[ TRUSTED & SECURE ]

Trust, Security & Privacy by Design

Delivering the highest levels of trust, security and privacy available is our mission at ProtectWise.
Our architecture, application and operations are designed to put you in complete control of your
data. The ProtectWise Grid introduces no additional risk to the process of analyzing security data.
Don’t just take our word for it, we work with leading third-party organizations to adhere to industry best practices.

DOWNLOAD TRUST, SECURITY & PRIVACY WHITEPAPER

[ INTEGRATE SEAMLESSLY ]

Integration

You can integrate existing security solutions with the ProtectWise system to improve your security environment.

[ PLAYS NICELY WITH OTHERS ]

ProtectWise secure APIs work with almost any technology in the world. You can send outside data streams and analysis to the ProtectWise Visualizer or pump ProtectWise data and analytical feeds into your own proprietary visualization.

[ DEVELOPER-FRIENDLY ]

Integration is facilitated by a comprehensive set of publicly documented, secure APIs. This includes both restful and streaming APIs.