Threat Detection System
Intelligence driven threat detection for your network
Identify malicious activities in your internal network to prevent intrusions, attacks, data leaks, and espionage
Immediate notifications on all relevant malware families
Identification of infected devices in your company’s wireless networks
Manual log analysis and allocation of critical incidents by Group-IB experts
User-friendly web interface and detailed reports on detected threats
Daily and automatically updated filter rules and signatures
24/7 support via a convenient ticket system
What is TDS
Group-IB TDS (Threat Detection System) is an effective tool for identifying, in real time, network anomalies and cyber threats that target your network. The system is based on Group-IB’s unique expertise and threat intelligence foundation.
Group-IB TDS is a component of Group-IB’s early warning system of products, all of which contribute to the effectiveness of TDS in protecting your network. Group-IB TDS is also supported 24/7 by Group-IB’s SOC team, which provides recommendations on remediation and mitigation techniques to your security specialists. With Group-IB TDS, you can ensure your network is protected from the most advanced cyber threats and threat actors.
infected computers in Botnets have anti-virus software installed
1 500 000+
computers became part of the Carberp botnet
the average time it takes the company to detect a targeted attack
stolen from banks by APT-groups in mid 2015 – the beginning of 2016
- Knowledge of actual threats with signature based detection and 24/7 support
- Outsourcing log analysis and manually sieving out the most important events
- Flexible set-up to integrate with IT infrastructure
- Rapid incident response and digital evidence provided in accordance with international standards
How TDS works
- Identifies communication between infected devices and Command and Control (C&C) servers, detects network anomalies, and conducts user behavioral analysis to identify suspicious network activity.
- Analyzes suspicious objects in Group-IB’s sandbox, Polygon, in order to identify attacks at the earliest stage.
Identifies attacks on your network from:
- Malicious e-mails
- Attacks on browsers
- Attacks using unknown malware or tools
Group-IB’s sandbox, Polygon, based on machine learning, identifies suspicious files and classifies them by their level of danger to your network.
- Identifies all information security incidents in a web-interface to organize events for your security team.
- Suspicious incidents are analyzed by Group-IB’s SOC team and classified for your security team 24/7/365.
- A convenient ticketing system ensures that all inquiries and responses are easily tracked and addressed.
TDS is a physical network sensor with a DPI solution installed for analysis of all inbound and outbound packets. A set of signatures, “black lists” of botnets, as well as filtering rules are automatically updated. Signature data about detected incidents is transmitted to Group-IB’s cloud through a secure channel, where Group-IB specialists carefully analyze all suspicious events.
Polygon launches suspicious files identified by the TDS sensor in an isolated environment in order to analyze the behavior of the file and reach a conclusion on the level of danger to the network.
SOC collects, correlates and classifies all information security events which have occurred on your network. Events are grouped by type and level of severity after being carefully analyzed by Group-IB specialists.
INDEPENDENT DATA ANALYSIS
The events recorded by the TDS sensor can also be automatically sent to any SIEM or log storage system via the standard SYSLOG mechanism. It is also possible to organize an internal ticketing system to interact with your colleagues, record and track incidents on a local web-interface.
| Dimensions in mm | 42,4 × 434 × 394,3 | 42,4 × 434 × 394,3 | 42,4 × 434 × 394,3 |
| Power supply | 1 × 250W | 1 × 250W | 2 × 350W |
| Network interfaces for traffic reception | 1 × 1000BASE-T | 2 × 1000BASE-T | 4 × 1000BASE-T |
| Peak rate in Mbit/s | 250 | 500 | 1 000 |