Our vision

Why have we decided to build a new solution? We have identified a market gap, catering to a specific niche of customers who: Despite our business-driven approach, we have expanded our technical capabilities and now offer sophisticated metadata analytics to detect threats, resulting in the development of our Impact Detection Engine (IDE). More information […]

Impact Detection Engine (IDE)

We started with a Network Detection and Response (NDR) product that utilizes NetFlow analytics to assess the reputation of IP addresses in all communication flows. Our approach involves leveraging both public community-based Threat Intelligence (TI) sources and commercial ones to raise alarms when a company asset communicates with an Internet IP address that has a […]

Different types of NetFlow

NetFlow is a protocol originally developed by Cisco Systems. It is used to monitor and then analyze network traffic. It transports metadata about the traffic, including source and destination IP addresses, ports and the protocol. Such metadata can be generated by network devices like routers, firewalls, access points or servers and sent to Sec.one Cloud for […]

How to investigate

This article explains how to perform a basic investigation using the SECONE Threat Hunting application. The application generates alarms based on NetFlow (IP address reputation) and Syslog Web Proxy logs (domain/URL reputation). This manual is for users who have registered a tenant and configured network devices to send NetFlow to SEC.ONE. The first step is to use the […]