Greycortex offers solutions for daily threat protection providing continuous network monitoring, detection, and threat response.

The mechanisms offered provide protection for IT and OT networks, such as SCADA, IoT, industrial, medical, transportation, and wireless technologies. They use machine learning algorithms powered by massive amounts of metadata to build an accurate behavioral model of the environment and minimize false positives.

Greycortex’s solutions work on a copy of network traffic, giving unprecedented visibility into data flows, including unwanted ones.

The Greycortex Mendel solution supports network traffic analytics, protects against the effects of network integrity violations, and provides:

  • effective protection against cyber attacks by monitoring network infrastructure, controlling configuration and access, and detecting abnormal network behavior
  • full visibility of network traffic down to the response level of individual application protocols. It continuously monitors the internal network and the devices within it, including external accesses and service interventions by its vendors.

Greycortex Mendel’s functionality includes:

The use of machine learning in the process of detecting threats

  • Distinguishes between machine-to-machine communication and the way humans communicate,
  • Detects all behaviors that deviate from the norm and appear to be anomalous,
  • Finds hidden threats.

Stopping attacks when they occur

  • A simple interface allows you to apply a general or specific block against an attack
  • Can be configured to work with other existing security tools in combination with the blocking capabilities it offers
  • MENDEL allows you to resolve the threat instantly (within seconds).

Full network visibility, including BYOD/IoT devices

  • MENDEL recognizes traffic directed into and out of the network, as well as communication between individual devices connected within the network,
  • Works with the same efficiency for BYOD/IoT devices,
  • Performs visualization of individual devices and applications, not just layers,
  • Allows quick filtering of any network communication.

Faster decisions with insight into the context of the event

  • Integrated blacklists and GeoIP module
  • SSL/TLS traffic decryption using imported private keys
  • Identification of users on the network through integration with Active Directory
  • Precise correlation of detected threats
  • Events occurring in several branches of the organization will be recognized from a central location
  • Threats will be resolved in less than 2 minutes

Standalone solution or as an additional data source

  • Small and medium-sized enterprises can obtain results similar to those SIEM platforms offer (at half the cost and in 10 times less time)
  • Data export option for SIEM systems dedicated to larger IT Security teams
  • Incident management allows you to undertake more advanced analysis

Key benefits:

  • Preventing data breaches and leaks
  • Visualizing network traffic
  • Powering a SIEM-class solution with information
  • IT and OT network monitoring
  • Easy control through an intuitive user interface

The security team or SOC can see who is accessing what device and from where, and have a complete overview of all network activity. This visibility allows users to effectively manage access, modify and control the necessary device and network settings, thereby progressively increasing the security of the network infrastructure.