Powerful, intuitive, non-intrusive network visibility and analysis
The first stage corresponds to the Identify portion of the NIST framework. The implementation has two basic deliverables:
- Creation of an overall view of the customer network, including passive, non-disruptive mapping of connections and behavior against individual entities with basic digital fingerprints. This is a foundation for scaling usage, and a solid starting point for more robust protection.
- Robust, intuitive portal supporting comparative analysis with expectations, existing policies, other asset mapping, and the development of trends over time. This functionality will carry through to other products for the development/monitoring/tuning of the Whitelist configuration engine.
Situational awareness for information security
The second product corresponds to the Detect stage of the NIST framework.
- Development of an initial Whitelist, with the ability to fine tune over time. This can be used to identify connections/actions that may need clarification.
- Configurable messages/alerts generated for information security personnel
- Integrated reporting to third party SIEMs and other security solutions
- Export of data in format that can be loaded into third-party firewalls
- Download of third-party firewall rules and comparison with StealthPath
Supercharging existing security protections
This set of capabilities corresponds to the Protect stage of the NIST framework, albeit with StealthPath working as an integrated “Detect” component and any actions being taken by third-party solutions. This is a productization of what we have been calling “StealthShield Lite.” In addition to providing actionable information to third-party solutions, this product also provides a simulation mode for candidates for full StealthShield protection.
- Full integration with select third party firewall and other security products
- Realtime anomaly alert functionality
- Configurable alert/block action specification (i.e. the potential to order the third-party software to stop or block a process based on event/ruleset)
- Enhanced management tools
Securing the Zero Trust future
The full range of Zero Trust protection, configurable at three levels:
- StealthCommand: configuration rulesets based on Fingerprints controlling access for entities including devices, applications, users, etc.
- StealthNetwork: Peer-peer connection between StealthPath-protected devices, incorporating Fingerprints, encryption, and independent multifactor identification.
- StealthMessage: configuration ruleset based on deep message inspection, including header and payload.