Fidelis Security
- Full, comprehensive real-time and retrospective visibility (all protocols, ports, packets and sessions);
- Full visibility across hybrid cloud / on-prem environments;
- Automating threat and data leak detection;
- Facilitating threat hunting;
- Intelligent Deception (mechanism of decoys and breadcrumbs);
- Automated response to threats in network and endpoint environments.
MORE INFORMATION:
Description of technology
Cloud Security - Cloud Access Security Broker
CASB - Cloud Access Security Broker (CASB) solutions provide the following basic functions: SaaS application control and incident detection in the cloud, detection of sensitive data leaking through cloud applications, and detection of malware in employees' cloud resources. Some CASBs support retro-inspection: they scan files that employees previously saved in cloud resources to detect security breaches (including data leakage and malware distribution). A CASB can operate entirely in the cloud: it requires no physical devices, gains access through the cloud services' APIs, and needs no agents on the endpoint.
Fidelis Email Security for Office 365 - the solution analyzes outgoing and incoming mail traffic for threats such as malware, dangerous attachments and command-and-control activity. In addition, Fidelis Network can analyze network traffic using the Azure Virtual Network TAP (Terminal Access Point) and Netgate TNSR for AWS.
DLP - Fidelis Network (a part of the Fidelis XDR platform) can monitor network traffic (NTA - Network Traffic Analysis) on all ports and all protocols. Thanks to built-in algorithms and deep visibility into data sent over the network, the product can detect and prevent data leakage incidents (N-DLP - Network Data Loss Prevention). Additionally, rules built into Fidelis Network provide broad security controls for detecting leaks of data including bank account information, payment card numbers, names/surnames with date of birth, insurance numbers or other data defined as "sensitive".
FIDELIS DECEPTION - significantly improves the response time to post-breach threats (e.g. attacks within the network or prohibited actions). Deception automatically detects and classifies all network assets (including enterprise IoT devices) and at the same time shows all their network connections (how and with what they connect). With this information, Fidelis Deception is able to create decoys using so-called breadcrumbs, thus tricking hackers by redirecting their actions to false assets. The protection is supplemented by an automatic process that adapts and updates the decoy environment whenever network assets change.
FIDELIS ENDPOINT - the solution combines EPP (Endpoint Protection Platform) and EDR (Endpoint Detection & Response) capabilities in one client available for Windows, Linux and macOS. Fidelis Endpoint provides visibility of all endpoint activity and a multitude of response actions, including the ability to isolate an endpoint, take a memory dump, analyze processes, quarantine files or jumpstart playbooks.
Fidelis Network - sensors use DPI (Deep Packet Inspection) and DSI (Deep Session Inspection) to detect network threats (from outside the network and inside threats), ATP, and command-and-control communication. The solution is able to block unauthorized access and to restrict access at the HTTP proxy or SMTP gateway level. DSI detection is available on any port or protocol and covers threats in embedded files. To keep protection up to date, Fidelis Network receives current Threat Intelligence feeds adapted to the DSI mechanism in use. Protection is reinforced by security policies that automate actions after threat detection and support forensics.