FORENSICS AUTOMATION

Transforming to an Intelligence Driven SOC

To overcome forensics limitations and complexities, WireX IRP (Incident Response Platform) automates analysis efforts so that security professionals at all levels (security managers, SOC operators, analysts and incident response teams) can make faster and more informed decisions based on the actual content of network conversations, rather than just the metadata.

WireX IRP sensors continuously monitor all parts of the enterprise network, translate its traffic into content- and behaviour-aware intelligence that can be immediately understood, and provide a fast and intuitive interface for querying and researching network-borne activities.

Contextual Capture

WireX’s groundbreaking technology eliminates the need to store raw packets by reconstructing the entire OSI stack, continuously extracting application contents and uncovering user behaviours:

  • Full-stack behavioural analysis that classifies the user actions performed within each application
  • Real-time reconstruction and extraction of application contents, such as file transfers, emails, chats, DB transactions, authentications, as well as remote desktop sessions
  • Customisable analysis modules that provide the same level of visibility into proprietary business applications as into enterprise applications

Powerful Monitoring and Federated Analytics

A distributed architecture designed to deliver true, sustainable visibility into 100 Gbps networks:

  • High performance database, optimised for large deployments
  • Scalable capacity to store many months of complete intelligence
  • Advanced filtering capabilities for analysing and/or capturing traffic selectively
  • Intuitive query language enables powerful retrieval of relevant data, without wasting precious time on manual examination of network packets and sessions
  • Centralised management for a secure, single point of view, allowing multi-site and multi-sensor investigations

Forensics and Response Framework

Streamline your forensics processes with adaptive, easy-to-use investigation tools that allow security professionals at all levels to handle security incidents quickly and effectively:

  • Integration with the existing security infrastructure, such as leading SIEM solutions and data enrichment tools (host and IP reputation, sandbox, etc.)
  • Built-in case management to support the entire investigation life-cycle
  • Investigation playbook modelling capabilities that support collaboration across team members

 

 


“After implementing WireX, we realised extraordinary benefits in accuracy, visibility and control of our security environment. Events that require my staff to put hands on a device have dropped to zero and what would have previously been undiscovered has been identified, categorised and acted on swiftly and decisively.”

Ed Tavares – Hawaiian Electric Industries

The largest supplier of electricity in Hawaii

DATASHEETS:

  1. WireX IRP Datasheet

WHITE PAPERS:

  1. Top 3 Requirements