The Huntsman® Behaviour Anomaly Detection brochure outlines how the technology engine uses patented machine-based learning techniques to deliver true behaviour-based profiling and detection, and is proven to detect threats that are not detected by standard rules and signatures.
The capability enables your analysts to pinpoint and investigate real-time cyber security
attacks designed to circumvent traditional security controls, such as:
• Advanced Persistent Threats (APTs)
• Smart, customized and targeted malware
• Malicious or negligent insiders who abuse their access to put data or IP at risk
• Compliance breaches that require complex interrelated rule sets to be detected
• ‘Unknown’ and ‘unknowable’ external and internal threats that simply can’t be
second-guessed by analysts
Huntsman Behavioural Anomaly Detection is an integral part of the Huntsman
Enterprise SIEM (including the Cloud and MSSP editions).
• Unique and powerful solution for automated real-time monitoring, investigation and resolution of
enterprise security threats;
• Automated collection and analysis of the relevant threat information necessary to resolve immediately verified threats and dismiss false positives;
• Automated workflow to streamline the investigation process and quickly and accurately identify compromised
IT assets resulting from an attack;
• Integration with major cybersecurity solutions to identify, prove and resolve malware and unknowable threats.
Real-time threat detection
Huntsman collects and processes data in real-time – so all received events, activity
and log data pass through its correlation and analytic engines “in stream”, rather than
being stored and/or indexed in a database for historical or periodic analysis.
This means real-time alerts are generated and directly despatched to operators,
updating dashboard displays and triggering notifications so threats can be contained or averted and data losses can be stemmed.