Continually colors the Spyderbat Behavioral Context Web with risk.
- Spyderbat identifies suspicious activities as they occur, adding 'flags' to Spyderbat's Behavioral Context Web.
- Spyderbat’s detections cover the attack tactics in MITRE's ATT&CK Matrix for Linux and Kubernetes.
- Add your own detections from third-party systems to see their findings in context with preceding and subsequent activities to get the full picture.
Automatically chains together attack indicators based on their causal relationships.
- The Behavioral Context Web automatically connects suspicious activities together, even if separated across systems, user sessions, and long periods of time.
- Each red circle in the screenshot indicates one or more Spyderbat Flags set on the corresponding process or network connection.
- Immediately see the current progression of the attack with its origination point, even if weeks prior.
- See the full forensic details exactly as they occurred, even across ephemeral containers that are no longer available or are in a changed state.
Reassesses the risk of a Spydertrace with any new activity.
- Spyderscores account for the number of flags, the variety of flags, flag severity, as well as depth of activity and environmental factors.
- Spyderbat scales to monitor thousands to tens of thousands of Spydertraces simultaneously, acting as a watchdog to take action the moment a Spyderscore shoots up.
- Only this approach reliably catches:
  - Low-and-slow attacks.
  - Malware (e.g. ransomware, cryptojacking) with long, random wait times.
  - Subversive backdoors.
  - True zero-days.