Sangfor’s Cyber Command platform significantly improves overall security detection and response capabilities by monitoring internal network traffic, correlating existing security events, and applying AI and behavior analysis, all aided by global threat intelligence. Unlike other solutions, Cyber Command uncovers breaches of existing security controls while impact analysis identifies hidden threats within the network. Because Cyber Command integrates network and endpoint security solutions, the administrator’s ability to navigate and understand the overall threat landscape is significantly improved, and response to threats is automated and simplified. Cyber Command can be trusted to improve overall IT security and risk posture.
1. Sophisticated Detection by closely monitoring every step of the cybersecurity attack chain.
The Cyber Command Analysis Center collects a broad range of network and security data, including North-South and East-West traffic data and logs from network gateways and EDRs, decodes it using network applications like DNS or mail, and applies AI analysis to uncover undesirable behavior. As Cyber Command is paired with threat intelligence, attacks at all levels of the attack chain are detected, meaning faster alerts to exploitation attempts, slow brute force attacks, C&C activities, lateral movements, P2P traffic, and data theft.
2. Faster and More Efficient Response delivered using incident investigation and tight integration with network and endpoint security solutions.
The Cyber Command Response Center provides a broad range of attack investigation experience, all presented visually within the attack chain. Threat mitigation is prioritized based on the criticality of the at-risk business assets. Combined with Sangfor Endpoint Secure and NGAF, Cyber Command provides flexible and effective mitigation in a timely manner, offering recommendations for policy or patching, endpoint correlation and network correlation.
3. Simplify Threat Hunting
Cyber Command helps security administrators perform comprehensive impact analysis of known breaches and track “patient zero” by evaluating all possible points of entry. Cyber Command’s unique “Golden Eye” feature studies the behavior of compromised assets, such as inbound and outbound connections and usage of ports and protocols, and uses this valuable information to strengthen external and internal system defenses.