Threat Analytics Platform (TAP)
Provides enterprise-wide visibility, codified detection expertise and guided investigation workflows against cyber-attacks. Applies threat intelligence, expert rules and advanced security data analytics to noisy event data streams. Reveals suspicious behavior patterns and generates alerts. Uses scalable, thin network sensors to provide real-time visibility across the enterprise, including remote locations.
Deployed as either hardware or software, collectors passively watch network traffic and construct events to describe the activity it sees. Event data is compressed, encrypted and sent to the cloud for centralized log retention, real-time threat analysis and incident investigation. Network sensors are centrally managed from the cloud.