Detection Includes:
Signature
Does this match a pattern that I know is bad?
- Bro, SNORT, YARA, Hashing, blacklists, etc.
- Strong detection for known threats
- Strong detection for numerous attack techniques
Reputation
Has anyone else seen this before and what do they say about it?
- Strong detection for known threats
- Additional context for analysis
Behavior
Does this behave in a suspicious manner?
- Strong detection for previously unknown threats
- Strong detection for numerous attack techniques
Analytics
Is there something anomalous happening?
- Strong detection for previously unknown threats.
- Strong detection of anomalous activity.
Not only do we have a complete set of detection capabilities, Morphick’s Managed Detection and Response Service also leverages these detection methods to obtain synergies across all of them. For example, as attackers try to evade behavior-based detection, they often stand out to signature-based detection. By leveraging multiple detection methods, Morphick is able to continually detect and track attackers as they attempt to avoid detection.