Insider Threat (analyze|predict|detect|assess)
Most insider threat solutions provide post-mortem analysis to help identify malicious actors and their behaviors, and to assess the extent of damage and loss. While this is a necessary process, it doesn't help detect, deter and prevent malicious insider activities. Our iNformer™ Insider Threat product provides near-real-time behavioral analytics and rich visualization analysis capabilities that enable organizations to understand and anticipate malicious activity rather than simply reacting after sensitive data has been compromised. With iNformer™, organizations can discover and stop malicious insider activity without sacrificing productivity. iNformer™ leverages sophisticated behavioral analytics combined with business logic to protect against the unauthorized access and disclosure of sensitive and protected assets. iNovex works with experts in the field of behavioral psychology to develop adaptive pattern analytics and algorithms that detect unusual user behavior, behavioral footprints that can actually predict future malicious activity. Armed with the ability to identify potential malicious actors, organizations can take necessary action and precautions.
Cyber Defense (protect|deter|defend)
Our cyber experts establish and maintain real-time network awareness and threat identification to forecast, alert, and attribute malicious activity, and enable Computer Network Operations. We create, use and maintain tools and processes to determine and report the configuration and activities of networks of interest to predict, detect, defeat, and attribute exploitations and attacks. We provide alert and incident response services to defend customer networks, providing technical assistance and supporting collaborative planning and Computer Network Operations. We conduct malware analysis, including of commercial, open-source and custom software. We've engineered tools for network-event chaining to reduce false positives due to generic signatures. We've developed custom modules to capture the malware's network behavior while gathering additional host artifacts left by the malware, and custom scripts to extract function and stack information from malware. We build custom modules to capture host data in a malware analysis environment in order to enrich the organization’s repository of malware indicators. We develop custom reporting frameworks around open-source malware analysis tools to enable comparisons with other collected relational data.
Cyber Security (IA|engineer|validate)
Our systems and security engineers implement compliant IA practices and technologies to ensure the confidentiality, integrity and availability of our customers' data assets. We protect organizational data in accordance with appropriate guidelines, standards, policy and public law. We perform Vulnerability & Risk Assessment, Penetration Testing, Design Engineering, Security Awareness Training, Compliance, and Security Operations.
Our security engineers leverage existing security design patterns and solutions to the maximum extent possible and adhere to the security principles outlined in our Architecture Roadmap. We verify that the design meets all system requirements, such as Public Key Infrastructure (PKI)-controlled access and other web security requirements, as outlined in our customers’ security policies. We employ Mahout and other machine learning tools through MapReduce to perform statistical analysis on data, calculating the standard deviation and outliers of the data to detect anomalies.