Huntsman Security’s patented Behaviour Anomaly Detection (BAD2) engine is integrated into its SIEM to provide real-time machine learning capabilities to detect unknown threats.
Huntsman Security’s SIEM analyses activity, based on the organisation’s risks, threats and vulnerabilities, to learn normal patterns of behaviour and activity. Armed with activity baselines, it detects threats or suspicious activity that differs from expected behaviour. Huntsman Security’s SIEM can detect:
By dynamically profiling multiple variables with sophisticated in-stream behavioural algorithms, the detection engine adapts to changes and trends over time, either adjusting and relearning “normal” values or using fixed/pre-set baselines, depending on the nature of the environment and risk.
Behavioural Analysis - Network Data Transfer Anomaly
Huntsman SIEM Live Dashboard - Dark Version