What is Attack Tracing & Intercept (ATI)?

Security analysts are challenged to quickly identify false positives and to retrace the steps of credible attacks.

ATI radically compresses investigation time by presenting all causally connected activities across systems, users, and time.


Fast: Immediate, focused view of activities leading to and following your alerts

Accurate: Causal activity based on ground-truth data

Complete: Captures the entire attack across systems, users, and extended time periods

What is this alert?

From your existing alert centers (e.g., SIEM, NGFW, CWP), ATI helps you immediately identify false positives versus live attacks.

What is this threat?

Investigate any alert with a complete view of the attack to quickly understand its entry point and scope, replacing manual steps to figure out what happened before and after.

What is happening?

Your spidey-sense is tingling! Quickly identify issues on a system, with a user, or with an application by viewing causal activity.

Spyderbat fuses third-party security alerts and context to the Operations Plane in real time, instantly identifying:

False Positives

The full attack steps of true positives

Would-be false negatives


An alert with no causal outcome


A focused view on causal activity preceding and following an alert, including other alerts

An alert initially deemed a false positive or ignored with subsequent causal activity

Additional Resources

Video

No Registration Required

Stop Worrying About What is Missing (3 mins)

  • What is the Detection and Response Chasm

  • How Attack Tracing & Intercept captures critical details by their Causal Connections

  • How the ATI Operations Plane proactively works to create fast, accurate, and complete attack traces

Whitepaper

No Registration Required

Attack Tracing & Intercept: Fast and Accurate Investigation Automation (13 min read)

On-Demand Webinar

No Registration Required

The Impact of Attack Tracing & Intercept on Security Investigations (35 mins)