CIRT – Cyber Intelligence & Response Technology

 

WHO OWNS YOUR NETWORK?

LEVERAGE CYBER SECURITY SOFTWARE WITH FULLY INTEGRATED DATA AUDITING, NETWORK FORENSICS AND COMPUTER FORENSICS TO FIND OUT.

Despite the investment in perimeter defense technologies, organizations are still faced with detecting, analyzing and remediating spillage incidents and exploits that have made it past the firewall, IDS and SIM. HTeT’s new solution, CIRT (Cyber Intelligence and Response Technology), is the first product to integrate large-scale data auditing, network-based analysis and host-based analysis into a single, easy-to-use interface. CIRT enables government and commercial organizations to effectively address data spillage, external threats and internal threats, aiding incident response by providing the most comprehensive view into critical data. By integrating the network analysis capabilities of SilentRunner, the multi-machine enterprise analysis capabilities of AD Enterprise and the large-scale document auditing and analysis capabilities of AD eDiscovery, HTeT delivers the premier information assurance and incident response software – CIRT.

INCIDENT RESPONSE AND COUNTERINTELLIGENCE

This automated, integrated incident response software allows you to proactively and reactively identify, analyze and remediate security incidents of any kind, including zero day events, hacking, internal security breaches and advanced persistent threats. For example, using CIRT, an organization can scan thousands of computers across the enterprise to proactively identify rogue executables existing on the network. Incident response teams can perform root cause analysis, play back incidents in real time to fully understand how the exploit proliferated, identify all affected nodes and, most importantly, remediate the threats. Finally, using the intelligence gathered with CIRT during incident analysis, you can build threat profiles and mitigate the recurrence of threats in the future.
No other cyber security software product delivers a single interface within which you can analyze and correlate static host data, volatile data and network traffic. Furthermore, no other incident response product offers the secure, remote “batch remediation” capabilities of HTeT’s CIRT.

CLASSIFIED / CONFIDENTIAL SPILLAGE AND PCI COMPLIANCE

In addition to network analysis and host analysis, CIRT also provides integrated, automated document auditing. Using CIRT, you can perform automated enterprise audits to locate classified, confidential and personally identifiable information (PII) spillage. Using the integrated network and host analysis, you can then zero in on where the data leakage originated, tracing it back to its source and the user who either deliberately or inadvertently caused the problem. Finally, CIRT enables you to flag all classified / confidential documents that exist in unapproved locations. Or, if your policies allow, you can use CIRT to “batch wipe” all classified / confidential data, remotely and securely.

PRODUCT FEATURES

 

INCIDENT RESPONSE AND CYBER COUNTER INTEL

 

Powerful Incident Response, Including Deep Analysis of All Live Processes
  • Advanced agent-side search and analysis of live memory on Windows machines across the enterprise.
  • Correlate static network forensics data and volatile incident response data within the same interface.
  • Incident response console enables rapid review and analysis of key volatile data elements in an easy-to-use format with views of data across machines and across time.
  • Integrated analysis and forensic collection of network shares.
  • GUI-integrated, secure remediation
    • Right click process kill during an IR investigation.
    • Batch Remediation allows authorized personnel to automatically remediate threats on multiple machines at the same time, which is critical to preventing widespread damage due to fast-proliferating threats.
Analyze Multiple Nodes Across the Enterprise
  • Preview static and volatile data on multiple machines from a remote location.
  • Active directory and ePO integration enable quick identification and selection of nodes.
  • The industry’s first one-click acquisition of hard drives, RAM and volatile data.
  • Automated Batch Acquisition of devices and RAM to streamline large multi-node evidence collections.
  • Thorough data capture includes individual files, deleted files, unallocated space and logical volumes.
  • Easy-to-use data processing wizard that automatically categorizes, indexes and exposes data.
  • Search and collect from network shares.
  • Market-leading decryption software with password recovery and cracking features.
Real-Time Network Forensics Capture and Visualization
  • Built-in SilentRunner Sentinel technology promiscuously monitors and records network traffic in all seven layers of the OSI stack.
  • Monitors more than 1,500 protocols and services out of the box.
  • Advanced visualization tools allow you to create a picture of communication flows to swiftly expose anomalies, illegal connections and security and network problems.
  • Real-time network data is stored in a central database that can be queried.
  • Using interactive graphical representations illustrating propagation, you can efficiently analyze users, hosts, domains, applications, protocols and addresses — detecting changes or abnormalities from established network baselines.
  • Capture and analyze wireless Ethernet 802.11b and 802.11g.
Pattern and Content Analysis
  • Determine the root cause of a cyber security breach or quickly distinguish between diversionary and truly malicious incidents.
  • Map virus, worm and confidential data leakage proliferation to perform root cause analysis and identify all nodes and users in an incident.
  • Independent of keyword or linguistic matching, you can determine how proprietary or inappropriate information proliferated from code servers, HR or financial databases, R&D labs and others.
Network Forensic Analysis and On-Demand Incident Playback
  • CIRT stores and catalogs network data in a central repository, allowing you to play back the exact sequence of events and helping to ensure effective and accurate digital investigations.
  • Directly visualize audit logs and alerts, and correlate actual network traffic to provide a complete picture of activity around the time a suspicious event occurred.
  • Conduct post-event analysis and reconstruct events in their exact sequence to immediately uncover the source of an incident.
    • CIRT maintains a millisecond clock to record packet timing.
    • Quickly determine communication precedent and data proliferation.
CLASSIFIED SPILLAGE AND DATA AUDITING FOR NETWORK FORENSICS

 

Ease of Use with Efficient, Process-oriented Workflow
  • An automated, efficient way to detect data leakage and enforce PCI compliance.
  • Greatly reduce the time and expense associated with network-wide auditing by automating and standardizing the process.
  • User-friendly web interface.
  • Determine where potentially classified or personal data lives and categorize it by data type.
  • Centrally control your audits while managing ongoing search operations.
  • Extensive logging of all discovery activity for chain of custody and auditing purposes.
  • Extensive dashboarding and reporting capabilities clearly convey, in real time, project status and results.
Superior Smart-Target Searching
  • Search and collect both structured and unstructured data, including SharePoint, Oracle, OpenText, Exchange and databases — without the installation of agents.
  • Conduct automated audits using virtually any search criteria, including
    • Keywords, such as “Eyes Only,” using regular expression or Boolean
    • Users
    • Data source (email, network shares, workstations, structured data)
    • Data type
    • Metadata (size, date, location)
    • File hash
Enhance Incident Response with the Power to Act Immediately, Effectively and Securely
  • Flag non-compliant files and log their locations for manual remediation operations or wipe them from a central location.
  • Batch remediation functionality enables secure remediation of multiple machines in an automated manner.
  • Strict, granular, role-based permission system allows only authorized personnel to conduct only the tasks that have been assigned to them.

 

CIRT – Cyber Intelligence and Response Technology is one of the best computer and network security software products, integrating large-scale data auditing and network- and host-based analysis into a single interface. CIRT software provides secure internal investigation solutions.

Contact Us

Registered Office (Mumbai)
HIGH-TECH e-TECHNOLOGIES PVT.LTD.
2102,21st Floor, Guruprabha Apt,
Senapati Bapat Marg, Dadar (West),
Mumbai - 400 028, India.
+91 22 2436 7119 info@htepl.com