Threat Intelligence Platform
Monitoring, reporting, alerting. In real time.
Combats the new breed of cyber threats, including advanced persistent threats, zero-day malware, cybercrime and any previously unidentified attacks, with Crypteia Networks’ innovative security-as-service solutions.
Contact us for a 30-day free trial.
MOREAL - Overview
By using MOREAL Threat Intelligence platform, organizations gain awareness with regard to the security incidents and threats that take place within their infrastructures.
To develop such threat awareness, MOREAL builds on big-data analytics principles and on the correlation of primary information extracted from logs provided by the underlying network and network security infrastructure.
More precisely, logs are initially analysed, correlated, and collated with Open Source and Crypteia Networks Security intelligence to generate secondary and tertiary threat intelligence by the Threat Intelligence Engine of the MOREAL platform.
Then our Engine augments threat knowledge through behavioural and statistical analytics, as well as reputation pattern matching. The MOREAL core reasoning process is founded on computations on graph and meta-graph models that are generated from any internal and external connection that can be logged.
In particular, graphs and meta-graphs are processed with algorithms that efficiently compute plausible threat paths, using a likelihood scoring approach based on observations of the protected infrastructure and Security Intelligence in terms of IP reputation, malware, and traffic patterns.
MOREAL - Screenshots
MSSP Dashboards provide a security overview of your multi-organization infrastructure.
Branch dashboards provide insight on the organization level.
The live monitoring screen contains charts generated from logs that derive from assigned devices.
Alert dashboards allow analysts to gather intelligence from a detailed view of events related to selected network entities.
The alert mechanism is based on rules, which can be custom tailored according to user needs.
The events screen displays all the events registered by devices assigned to the user’s account.
Crypteia Threat Intelligence & Management Service from PCCW Global delivers:
- A new layer of defence, complementing existing ones and maximizing the value of network logs already generated & collected by your clients
- Non-intrusive and scalable cloud-based solution for rapid deployment
- Threat aggregation and behavioural analysis identify threats in their infancy
- Real-time mitigation recommendations
- New visibility into existing security systems and hardware
Crypteia Threat Intelligence & Management Service enables your clients to achieve optimal security by:
- Utilizing advanced behavioural analytics and machine learning to help distinguish real threats from ones that cause non-productive, costly actions
- Generating actionable reports via a single intuitive dashboard
- Viewing network / security health and utilisation in real-time
- Leveraging a global threat database that uses Big Data Analytics and crowd sourcing to identify emerging threats
- Using advanced correlation engines to identify known and unknown threats that are now penetrating, or potentially already exist in, your clients’ network
- Deploying enhanced security simply and quickly via a pure cloud solution, with an on-prem option available
- Offering your clients a pay-as-they-grow subscription model with low total cost of ownership
PCCW Global’s Crypteia Managed Security Services are delivered from three resilient Security Operations Centres (SOCs) worldwide. These centres integrate seamlessly to provide continuous operations, with all locations staffed and fully functional around the clock, every day of the year. State of the art video conferencing and voice communication technologies, as well as instant communication tools, enable tight collaboration between our certified team of Security Analysts at our SOCs.
Critical information systems are replicated in real-time, ensuring uninterrupted 24x7x365 service delivery uptime under all circumstances. Each of the PCCW Global Crypteia SOCs is self-sufficient and operates from carrier-grade facilities that have redundant ISP connections, back-up power generators and redundant systems to maintain service delivery for all customers.
Features of our global SOCs:
- Ability to provide 24/7/365 monitoring, analysis, response and reporting coverage as needed
- Our human analysis and assessment tools review the data and apply “behavioural analytics” or user / network anomalous activity – generating “actionable” alerts and reducing false positives
- With our multiple global sites, we are collecting threat intelligence from all areas of the globe and across all leading industries, enabling us to provide relevant security guidance to your organization
- Utilize/monitor all of the leading security management devices across the enterprise to achieve optimal security posture
- Consult and guide the application of new security strategies and tools
- Work within SLAs with high-quality and rapid response time and incident handling
- Deliver customized monthly reports (on incidents, status, trends, etc)
- Offer Service Desk support for troubleshooting
- Staff (Analysts and Engineers) with 40+ industry practitioner certifications
- All SOC procedures certified under the following international standards:
  - ISO 27001:2013
  - ISO 9001:2008
ThreatDB is a platform that aims to collect and aggregate data from several different Threat Information Sources into a unique structure. Its main purpose is to make security information easily accessible to any kind of Threat Intelligence System.
Extracting the most significant activity in a network with millions of transactions is a challenging task, but one that is critical in the process of analyzing behaviours, detecting issues and recognizing the most significant interactions in a monitored network. GraphIQ is a MOREAL component that aims to aid in this task, leveraging low-level and high-level information from other MOREAL ThreatIQ components.
Anomaly detection (AD) is a ThreatIQ component that detects suspicious behavior based on “deviations” from historical models of activity. The justification for using anomaly detection for inferring suspicious behavior is based on the observation that many malicious actions leave a footprint that significantly changes the typical behavior of an entity.
Behavioural Clustering is a ThreatIQ component that groups entities utilizing attributes such as proximity and similarity by behaviour (collection of MOREAL aggregated metrics) and extracts information from those groups about the severity of each entity based on security events associated with the group.
Want to give MOREAL a try? Get in touch with us to gain access to the 30-day free trial of MOREAL without any further commitments.