Eknotec Network Security Monitoring is a managed security product that provides network intrusion detection with a physical or virtual appliance. Suspected threats are correlated for AI-enabled analysis using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Detect potential threat activity on your network, such as command and control connections, denial of service attacks, data exfiltration, and reconnaissance.
Network Intrusion Detection
AI Analytics Engine
Physical or Virtual Appliance
Supports key industry and regulatory compliance standards such as continuous monitoring and network monitoring
Denial of Service (DoS) attacks - Identifying unusual traffic from organization-owned devices that are being leveraged to perform a denial of service attack.
Cross-site scripting attacks (XSS)
SQL Injection - Identifying layer-7 network signatures indicating a SQL injection attack designed to exfiltrate data from vulnerable web applications.
FTP and cloud storage exfiltration - Monitoring network traffic over protocols that facilitate large data transfer and alerting when unusual quantities or file types are being transferred, or when the target is unknown or malicious.
Command and control communication - Network Monitoring can correlate network traffic to discover malware communicating with external attackers. This is a sign of a compromised account.
Eknotec Office 365 Security Monitoring is a managed security product that monitors Office 365 activity using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center to identify threat-like behavior such as unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, and brute force attacks.
SIEM Correlation & SOC Analysis
Support for custom alerting and reports
Visibility to login activity in the dashboard
Detects potential threats of suspicious activity in Office 365
Supports Industry & Regulatory Compliance requirements
Malicious Admin Changes - Track admin activity and changes to the O365 tenant
Unauthorized Delegate Access - Track when email delegates are added
Foreign Login - Monitor geolocation access with IP location sourcing and logins from suspicious or unusual countries
Impossible Login - Detect logins from different geolocations within a short period of time
Suspicious Email Forward - Alert when email forwarding rules have been created outside of the domain
MFA removed - Detect changes to MFA
Failed or unauthorized access - Detect failed or suspicious access attempts
Eknotec Log Security Monitoring is a managed security product that collects, aggregates, and normalizes log data from hundreds of sources for AI-enabled analysis using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Identify threat-like behavior in your systems such as impossible logins, multi-factor bypass, coordinated attacks, and rogue agents.
Hundreds of Support Integrations
AI Analytics Engine
Deployment of physical or virtual appliance for on-prem logs (like syslog)
Supports key industry and regulatory compliance standards such as continuous monitoring and log retention
ROI on existing investments – Merge data from your existing security tools with multiple sources to provide greater visibility and re-use existing investment
Unauthorized Access - Monitoring who is accessing devices and where they connect to, and alerting when the source or target is unknown or suspicious.
Compromised User Credentials - Log Monitoring can use behavioral analysis to detect anomalous behavior by users, indicating a compromise. For example, logins at unusual hours or at unusual frequency.
Anomalous Privilege Escalation - Log Monitoring can detect users changing or escalating privileges for critical systems.
Third-party violations - Monitors activity by external vendors and partners who have access to organizational systems, to identify anomalous behavior or escalation of privileges.
Multi-vector Attacks – Correlate data from multiple sources to get consolidated visibility of multiple attacks