🔹 Main Functions:
- Real-time attack detection, covering both file-based and fileless threats
- Incident investigation with detailed attack-chain analysis
- Automated response (host isolation, rollback of changes made by the attack)
- SIEM integration (Ankey SIEM NG and third-party systems)
🔹 Technological Features:
✔ Behavioral analysis that does not depend on signatures
✔ Mapping of detected activity to MITRE ATT&CK adversary tactics
✔ Low host resource usage (lightweight, optimized agent)
✔ Centralized management from a single console
🔹 Advantages:
- Detection of zero-day threats and complex malware
- Cross-platform support
- Ready-made report templates for demonstrating compliance with standards