Machine learning
Incoherence Index: it represents the deviation from
the «normal» behaviour of the network.
It is generated by the Bayesian algorithms designed by the Data Driven Innovation and Cyber Security teams.
Our Machine Learning engine is based on Bayesian Networks, Support Vector Machine and Bootstrap analysis.
Data mining
Alarms generated by the advanced analytics are
developed by the Data Driven Innovation team working closely alongside our security experts.
They are able to do in near real-time more than the analysis that a human network forensic analyst would do.
On top of the standard analysis, to check the network traffic connections such as geo-localisation, protocols, quantity of data and so on, our team has developed advanced analytics to spot threats such as Drive by Download, Ransomware,
DGA, IP flux and more, with continual study and tuning of the analytics applied to ensure mutations of malicious tool and/or process are incorporated into the engine.
Threat intelligence
Combines the use of publicly available OSINT
sources and threat intelligence provided by the
Malware Lab to identify malicious IPs and DNS, TOR
exit nodes and malware inside the traffic analysed by the sensors. We have numerous honeypots around
the globe to spot the latest attacking techniques.
The threat intelligence engine gives capabilities such as
automatic detection of malware and attacks, scans
identification of schemas, correlations and attack patterns.