Need for a better defense.
Conventional cyber defense methods use a signature-based approach that can leave your organization blind to complex threats and stuck in a reactionary state. Our Cyber Analytics platform provides a proactive defensive strategy, delivering actionable information about your network activity to ensure you have the best protection as threats continue to evolve. Coupled with periodic auditing and assessment strategies, we can provide a holistic view of the health and compliance of your network.

Our flagship platform, Occulex™, provides a truly unique understanding of your networks. Its spatial analysis visualizations provide a Cyber-MRI™ of the behaviors exhibited external to and internal to your enterprise. The platform offers a long-view defense capability, providing a deeper understanding of both threats and operations on your infrastructure.

The Occulex platform is driven by a patented methodology that uses aggregate behaviors to make sense of the long-term behavior patterns of networked devices. This approach allows us to scale our analysis of network data compared to packet-based analysis approaches. The unique approach is to establish a rich understanding of behavior primitives that facilitates long-view situation awareness. This approach differs from, but is complementary to, the reactive defensive posture created by today’s short-view CND technologies (e.g. firewalls, endpoint security, IPS/IDS).

The platform was created from a prototype whose development began in 2006 with funding from DHS S&T. We have shared our data and methodology with a number of government agencies and organizations to promote the use of aggregate behaviors in network defense.

Cyber Behavior Analytics

Our Cyber Behavioral Analytics capability uses behavioral aggregation to create a unique view into the inner workings of attack vectors used by complex agents such as nation states. This enables a long-view establishment of situational awareness and complements short-view capabilities. Two important aspects of our approach are the use of a layered detection methodology and a combined fusion and discovery architecture.

A key aspect of our layered detection model is that it is designed as a five-level framework. This design supports the fusion and abstraction of heterogeneous sensor types at lower levels and allows for flexible feature extraction, aggregation, correlation, and classification at higher levels.

Most current capabilities operate on raw data, well within Layer 1 of our model. By aggregating network data and events in Layers 2 and 3 during analysis, we can scale our analysis and gain a unique perspective into the network devices operating within our IT infrastructure.

Cyber Analytics Services

We have leveraged Occulex to offer clients comprehensive Cyber Analytics Services, providing various capabilities to determine a cyber-baseline for your IT infrastructure that focuses on system compliance, threat behaviors, and normal operations. These periodic assessments can be used to uncover unknown risks, increase network compliance, and develop a deep understanding of holistic behaviors found within your enterprise.

Government clients can benefit from a deep understanding of the tactics, techniques, and procedures associated with outside cyber threats uncovered by our threat assessment service.

Small businesses can use our cyber health assessment service to get a clearer understanding of their networked infrastructure prior to committing to specific technologies and methodologies to improve their security infrastructure and implement new security policies.

All organizations can assess their compliance with their security policies by understanding the overall behaviors exhibited on the inside and outside of their networks, and comparing behaviors external and internal to their firewalls.

We then offer a set of follow-on services for:

  • Organizational threat profile development to proactively manage risk
  • Periodic Cyber Analytics assessment
  • Behavior network forensics
  • Penetration testing
  • Policy development