Traditional security and vulnerability assessment products miss at least 40% of what is physically wired to the network because they do not look for unknown addresses. Because these solutions take too much analysis time and consume too many network resources, they are often run outside office hours.
This means that IT security teams cannot achieve complete cyber visibility of mobile, virtual and cloud elements that were simply not present at the time of the scan.
The Spectre solution addresses these issues and provides real-time security information, using recursive network indexing techniques and analyzing network state changes through comprehensive network protocol analysis (OSPF, BGP, ARP, DHCP, DNS, ICMPv6, etc.).
Spectre is designed to provide full visibility of the cyber situation, dynamically and in real time, as mobile, virtual, cloud and physical network elements evolve.
Analyzes the network infrastructure
Installs as a router (without routing function) to monitor real-time changes to the network address space / routing table being used.
Discover changes to network boundaries in real time
Validate the profile of the new elements in minutes, as long as they are present
Identifies in minutes the new physical or virtual elements connecting to the network, and provides a dynamic visualization of the changes.
[Figure: Lumeta Spectre Scout. Legend: 1. OSPF LSA Indexing; 2. BGP Peer Indexing; 3. AWS Active + Passive Broadcast Indexing; 4. DMZ Active Indexing through site-to-site VPN; 5. Active + Passive Broadcast Indexing]
The Spectre solution uses complementary data streams (open source and commercial threat detection solutions) and correlates them with its indexed metadata to:
Find out in minutes whether known command and control (C2) infrastructures on the Internet are accessible from within the perimeter of your network.
Find out in minutes whether known Dark Web (Tor) exit nodes are accessible from anywhere within your network.
Discover recently compromised zombies operating on your network.
Enrich the Spectre Hadoop Distributed File System (HDFS) database by adding NetFlow and other data streams, to provide deeper security information for faster remediation.
Provide real-time identification of changes in TCP/UDP port usage, which can be an indicator of compromise, for example RDP and FTP usage violations.
Identify in real time harmful TCP/UDP ports used by known malware attacks.
Analyze all segments of the network
Discover new active networks in real time.
Discover within a few minutes networks that have become unresponsive and inaccessible.
Send alarms and network segmentation alerts to SIEMs, GRCs, or Device Policy Checkers for immediate resolution.
Find Layer 3 leak paths from critical internal networks to the Internet, or between network enclaves, in real time
Leak paths are the attack vector most used by cybercriminals!
A "Leak Path" is an unauthorized incoming or outgoing connection route to the Internet or subnets. A "Leak Path" crosses the perimeter of the network or between secure areas. For example, this may take the form of an unsecured transfer device exposed to the Internet, or manifest as a forgotten open link to a former trading partner.
Spectre makes it possible to identify all leak paths: not only the existing ones, but also new ones created in real time, which can be attributed to a misconfiguration or to malicious activity.
The exfiltration of intellectual property
Secure personal health data
Comply with the new GDPR standard
IT due diligence in the event of a merger or acquisition