Comprehensive Cybersecurity Platform in USA - PowerPoint PPT Presentation

About This Presentation
Title:

Comprehensive Cybersecurity Platform in USA

Description:

Seceon’s aiXDR solution discovers and remediates a comprehensive list of threats, exploits, attacks, suspicious activities, and non-conformance/non-compliance items, including Zero-Day and advanced malware with sophisticated evasive techniques. The Table below is an indicative subset of the exhaustive threat models implemented in the product. Call Us: +1 (978)-923-0040 – PowerPoint PPT presentation

Slides: 6
Provided by: Companyseceon
Transcript and Presenter's Notes


Seceon's Comprehensive Cybersecurity Platform - Seceon
+1 (978)-923-0040 | info@seceon.com
by Randy Blasik | Jan 6, 2023 | aiXDR, Cyber Security Company, Cybersecurity Solution, Ransomware Detection, Service Security Providers

Seceon's comprehensive platform includes more than 15 tools like AI, ML, vulnerability assessment, SIEM, SOAR, UEBA, NBAD, NTA, EDR, TI, but our focus for today is an area that frequently comes up in conversation with customers and partners alike.

Does your current cybersecurity solution discover and remediate unwanted bot activities, malware, lateral movements, credential theft, and insider threats both on-prem and across the cloud? Seceon's aiXDR solution discovers and remediates a comprehensive list of threats, exploits, attacks, suspicious activities, and non-conformance/non-compliance items, including Zero-Day and advanced malware with sophisticated evasive techniques. The table below is an indicative subset of the exhaustive threat models implemented in the product.

Threat Models | Description
Trojan Horse Activity | Suspicious Trojan activity detected in the network.
Insider Threat/Compromised Credentials | Unusual activity by an insider with valid credentials. This could indicate a user with malicious intent or potential compromise of that user's credentials.
Policy Violation | An alert to indicate policy violations based on provisioned rules (granular policies like micro-segmentation of network).
Suspicious Infected Host | A host is suspected to be infected based on correlation of all indicators of compromise.
Botnet Detected | A network of private computers infected with malicious software and controlled as a group without the owner's knowledge, e.g., to send spam or SYN messages.
Spank Attack | Spank attack is a form of DDoS attack where the attacker utilizes multicast addresses as source addresses to multiply the bandwidth consumed by the network and the targeted host.
Potential Data Raid | Detection of potential data breach or data raid from critical assets.
Potential Exploit | System has observed traffic patterns that would indicate an attempt to exploit system vulnerability.
Volumetric DDoS | Attacks that use a massive amount of traffic, saturating the bandwidth of the target. Volumetric attacks are easy to generate using Protocol (TCP/UDP) Flood.
RC4 Attack | Potential RC-4 Encryption Vulnerability exploitation detected.
Suspicious Account Creation Insider Threat | An account created for malicious intent by an Insider Administrator.
Brute Force Attack | Brute Force login attack on a particular host.
Known Virus or Worm Infection | Host infected with virus or worm with known signature (hash).
Potential Web Exploit | System has observed traffic patterns that would indicate attempts to exploit Web Application vulnerability.
Potential Vulnerability Exploit | System has observed traffic patterns that would indicate an attempt by a host to exploit application vulnerabilities present on other host(s).
ICMP DDoS | ICMP FLOOD based attack detection.
Malware Infected Host | Server or endpoint infected with malicious software (including fileless).
Insider Threat (USB) | An insider who could be causing leakage of business sensitive information including privacy protected data (e.g., PII, PHI), advertently or inadvertently, from a high-value asset to a USB drive.
Data Exfiltration | Unusual user activity is mapped with entities (databases, servers, applications) accessed and correlated with spike in data transferred from an internal IP/Port to another internal or external IP/Port to arrive at data exfiltration as potential Threat Indicator.
DDoS Amplification | Amplification based DDoS attack detection.
DDoS TCP Syn | TCP SYN based DDoS attack detection.
Ransomware | Dangerous malware that can encrypt the entire disk and hold endpoints/server hostage in lieu of demand for ransom.
DNS Tunneling | DNS Tunneling
Compromised Credentials | User Credentials are suspected to be compromised.
Phishing Attack | Socially engineered email that lures the recipient to a spurious website with malicious intent.
Zero Day Malware | Malware without prior detection and known signature.
Lateral Movement | Attempts by a malware (worm or botnet) to move from one endpoint/server to another with the intent of enhancing damage and/or reaching its target (server/application/database/storage).
Command & Control Center (C&C) | Attempts by a malware to establish communication with its Command & Control Center through various means: Backdoors, Domain Generation Algorithms (DGA), Beaconing, etc.

Address - 238 Littleton Road, Suite 206, Westford, MA 01886
Phone no - +1 (978)-923-0040
Email Id - sales@seceon.com
Website - https://www.seceon.com/