Detection Modules provide visibility into the organization’s infrastructure at many levels (network traffic, system behaviors, vulnerabilities, cloud infrastructures, amongst others) and identify potential cyber threats that need to be manually investigated.
Network Detection
The Network Detection module analyzes traffic using Certego’s network sensors (physical and virtual), which are provided on loan, and correlates logs and events generated by security systems and equipment in the customer’s infrastructure, such as firewalls, antivirus, domain controllers and DNS/DHCP servers.
Endpoint Detection
Through an installed telemetry agent, this module affords maximum visibility of the endpoints: it monitors the activities of processes and services within the system and identifies any suspicious circumstances, working in conjunction with Certego’s Threat Intelligence services.
Native Cloud Protection
Once enabled and configured, this module offers the same functions as the Network Detection module within the cloud perimeter, and acquires and processes the native logs generated by the proprietary logic of the main cloud platforms, such as Amazon Web Services, Google Cloud Platform and Microsoft Azure.
Continuous Vulnerability Assessment
This module enables a Continuous Vulnerability Assessment that uses specific scanners to search continuously for vulnerabilities on systems and applications. It provides specific indications about the security status of IT systems, and rapidly activates any incident response procedures when vulnerabilities are detected.