FlowIntelligence™ Cyber Analyst

Advanced Deep Packet Inspection and Cyber Intelligence

HIGHLIGHTS

Deep Visibility

  • Collect network flows and analyze network applications through Layer 7 of the OSI model from the enterprise
  • Centralized and distributed analysis
  • Generate metadata for network events with more than 60 log types
  • Identify suspicious or malicious files embedded in network flows

Dynamic Analysis

  • Dynamic analysis with integrated threat intelligence indicators and enhanced events from the FlowIntelligence™ Cloud
  • Identify network and application anomalous behavior
  • Identify cover channels and events related to cyber campaigns
  • Advanced file scanning and analysis framework with machine learning malware analysis engine

Open Architecture

  • Open and extensible sensor engine with ability to add functionality via plug-in architecture
  • Threat information sharing via embedded open data exchange API and message broker technology
  • Interface with third-party tools and solutions via embedded SOAR and open data exchange API

Cyber Intelligence as a Service

The complexity of networks, applications and services creates additional pressure on enterprise and service provider cyber analyst to identify network events as well as detect, mitigate and protect from cyber threats. Network-based based applications, social media, Email, SCADA and Internet of Things (IoT) all bring risk of an unwanted or undesirable event in the network. Identifying external and internal threats, lateral movement from a network event as well as data exfiltration adds complexity and challenges for the security operations teams. They now have to address multiple questions for the network ecosystem, including:

  • How to effectively collect and analyze every session in the network?
  • How to identify complex or advanced events, threats and malware?
  • How to identify internal threat actors and related events, lateral movement of threats and the scope of their movement?
  • How can the cyber analyst implement dynamic analysis of the threat landscape?
  • How can the organization protect users or subscribers from threats, web services or sites with poor reputation or know risks, identify potential applications that may be harmful to users or subscribers and block known malware embedded in network traffic?
  • How can the cyber analyst perform automated deep file inspection and analysis for advanced malware detection?
  • How can the organization ensure that network operations meet the data regulations and compliance requirements?

Bivio Networks’ Cyber Analyst is a key component of the FlowIntelligence™ solutions for effective defense of enterprise and service provider networks. It answers these questions plus provides proactive, cyber intelligence capabilities.

Distributed Operations

FlowIntelligence Cyber Analyst features the ability to operate in an enhanced, distributed mode. The solution supports implementing collection platforms throughout the network and forwarding the network events via an embedded communications framework to a centralized logging process. New event definitions are sent via the framework to the collection workers for augmented analysis. Additionally, the collection workers share data among themselves to aid in advanced event identification.

Turn-Key Solution

Cyber Analyst is delivered as a turn-key deep packet inspection and cyber intelligence solution on Bivio Networks FlowIntelligence Adaptive Cyber Defense platforms. The Adaptive Cyber Defense platforms permits the solution to scale from the small and medium enterprise to the Fortune 100 and Service network speeds.

The feature-rich hardware platforms are designed with carrier-grade redundancy qualities to ensure non-stop operations. The solution incorporates an optical bypass switch for in-line operations to ensure mission-critical support for Bivio Networks’ customers.

Scaling the sensor environment for each organization is done by our Solutions Architects. They can perform a comprehensive analysis to identify, design and deliver a complete solution to meet the organization’s requirements.

Summary

Cyber Analyst is comprehensive, advanced deep packet inspection and cyber intelligence solution. It contains intelligent features for innovative detection of network events, threats and malware to protect users and network subscribers. It is in an elite class for its performance, features and capabilities. Contact the Bivio Networks sales team to see how Cyber Analyst can enhance your cyber security operations team.