CySight Technical Specification

Tech Spec: Integrated Intelligent Network and Cloud Observability without packet decryption.

Cyber Anomaly, Endpoint Threat and Change Detection, Encrypted Traffic Analytics with Predictive AI Baselining, Ultra-Visibility, and Mitigation.

Multi-Focal, agentless with integrated Network Detection Response (NDR), Extended Detection (XDR), Endpoint Detection (EDR), and Forensics, using Machine Learning, compressed big data, and pattern recognition to identify, diagnose, and mitigate.

Using CySight, SecOps and NetOps can instantly find the origin and reasons for changed behavior of network-connected assets and groups with precision and unequaled visibility, assessing risk, eliminating Unexpected Traffic, Ransomware, DDoS and other Threats to rapidly restore operations.

CySight provides continuous and ubiquitous security and risk visibility and control over every IP-connected Device, Asset, Application and Service across your entire organization.

Cybercrime, virtualization, regulatory restrictions, IT complexity, and a severe shortage of cyber and network professionals are impacting organizations. Encryption, surface scraping, and siloed data hinder security and network visibility.

Encryption has become the new normal, driven by privacy and security concerns. Enterprises are finding it increasingly more difficult to figure out what traffic is bad and what isn’t. Encryption’s exponential adoption has created a significant security visibility challenge globally. Threat actors are now using the lack of decryption to avoid detection.

Encrypted data cannot be analyzed, making network risks harder or impossible to see. More than 95% of internet traffic is now encrypted, denying Deep Packet Inspection (DPI) and other tools that use decrypted packets to inspect traffic and identify risks.

DPI and other techniques that decode packets to detect threats have traditionally been expensive to deploy and maintain and have now entered obsolescence.

Organizations lose threat intelligence as the threat surface grows. Security and networking professionals overlook serious threats due to network blindspots caused by 99% of network and cyber technologies preserving less than 1% of network data.

CySight provides on-premises and cloud Cyber detection and forensics and improves Security, Application visibility, Zero Trust, and Billing with 20x more visibility than its competitors combined.

By comparing traffic to global threat criteria, it detects hacked hosts, Ransomware, DDoS, and suspicious traffic using Flow from readily available networking equipment, securing network, cloud, IoT, and endpoints without packet decryption.

CySight records flows at unprecedented depth, in a compact footprint, connecting context and applying Machine Learning, Predictive AI, and Zero Trust micro-segmentation.

IT incidents and security risk assessments are time-sensitive. CySight triages security behaviors and end-point threats with multi-focal telemetry and contextual information using smart network predictive AI baselining technology to give relevant teams timely actionable knowledge to detect and mitigate risks that other solutions cannot.

HIGHLIGHTS

CySight’s innovative cyber network auditing adds critical Defense-in-Depth Threat intelligence and Baselining to see, find, and manage outliers with deep contextual forensics using Correlation, Machine Learning, and AI Diagnostics to detect network impacts and risks even when traffic is encrypted.

CySight provides 20x visibility than its competitors combined.

SOLUTION FEATURES

The only full-featured monitoring system that delivers big data benefits in a compact footprint.

Baselines begin learning out the box making deployments fast and easy. 

The Longer it runs the smarter it becomes!

Provides a consistent user and feature experience across all network and cloud devices by employing the same management user interface.

A single, easy open workflow interface correlates endpoint and behavioral anomaly detection.

RESTful web-based API with powerful report automation, IPAM (chart of accounts), machine learning and AI diagnostics to baseline and discover your company’s most important data, apps, assets, and services (DAAS).

SOLUTION BENEFITS

Cost effective solution for all medium to huge locations.

CySight uses machine learning and predictive AI to protect customer investments.

Simple but versatile licensing configurations and granularity options make the product easy to buy and scale.

CySight’s AI-Driven Machine Learning and Predictive AI autonomously baselines, measures, monitors, every network asset and endpoint, on-premise or cloud, identifying cyber threats and high-risk outliers in real-time.

Why Customers Choose CySight

  • Intelligent Baselining, Threat Intelligence, Machine Learning, and A.I. Cyber Forensic Diagnostics to uncover hidden threats without requiring Packet Decryption.
  • Identifies Ransomware, DDoS, ToR, and other outliers with real-time attack maps.
  • Scalable dropless granular contextual analytics enables the deepest Retention Scalability of flow data globally for network and cloud visibility and security.
  • Flexible open analytics supports the broadest Vendor agnostic metadata with unprecedented Network and Cloud Visibility to see and eliminate blindspots.
  • Multifunctional, affordable & feature-rich.
  • Improves Defense in Depth using powerful visualization, forensics, and alerting.
  • Competing technologies capture just surface level network flows and are limited by encryption and are single telemetry oriented, resulting in inaccurate analytics and risk!

Take Control of your Network

To detect cyberthreats and improve zero trust, capture and retention must scale. It is necessary to baseline and analyze all interactions between servers, cloud systems, users, devices, and applications, providing granular intelligence in typical enterprises, campuses, governments, ISPs, and MSPs without losing critical flow records.

The key objective of Predictive AI Baselining and Machine Learning coupled with deep Forensics is to significantly improve visibility of Network Traffic eliminating network blindspots and providing qualified sources and reasons of communications that impact business continuity.

The ability to collect flow at a more granular level provides the ability to analyze new applications and mitigate risks unseen by other solutions.

The CySight Advantage

CySightʼs Predictive AI Baselining learns multi-focal micro and macro baselines of every network and cloud connected asset and communication even when encrypted. Unique integrated granularity, machine learning, A.I. and end-point threat correlation detect changes and unusual network asset behaviors that other solutions miss with early warning and mitigation of cyber threats such as: DDoS, Ransomware, insider threats, negligence and more.

CySight’s advanced netflow auditing is available for on-premise and cloud deployments. Multi-tenancy collection, portal, and automated reporting provide the ability to automate data mining which can be integrated with upstream services and scales to suit large infrastructures, Managed Service providers (MSPʼs) and Internet Service Providers and Telco (ISPʼs) who are seeking to deliver advanced threat intelligence, network analytics, managed services, and compliance.

Threat Intelligence based on global threat knowledge powers an advanced threat intelligence engine correlating, identifying, and detailing communications with nefarious endpoints in real-time that are known to be risky such as Ransomware, ToR, Botnets, Malware and illicit p2p traffic.

Not all security solutions are created equal. In actuality, few have been purposefully designed to satisfy the requirements of modern hybrid enterprises and their constantly evolving network environments.

CySight’s Integrated Observability, Machine Learning-based Anomaly Detection and Automated AI Diagnostics consists of a comprehensive Intrusion Detection System (IDS) comprised of big-data learning, detection and artificial intelligence diagnostic engines that work together to find network behavior anomalies with automated problem-solving processes to pinpoint, mitigate and qualify the reason(s) for an anomaly.

Secure and Streamline Your Data Everywhere

  • Baseline and identify unexpected changes of behavior of key business services and servers and automatically be alerted to the impact of outliers.
  • Gain visibility of endpoint (EDR) and behavioral based threats (XDR) to identify viruses, hacking, multicast, DDoS, Ransomware, peer-to-peer (P2P) and worms.
  • Archive information for regulatory, compliance and Lawful Intercept requirements. Retain full definition retention for compliance (sox, basel2, iso9000, ASGAR, Data Retention Compliance, Insurance) with long-term historical track and trace capabilities of all traffic to and from your key business systems.
  • Account for all traffic to key business services on even the largest of environments on-prem or in the cloud and identify inappropriate network access.
  • Reduce costs by substantially speeding up Mean Time To Repair (MTTR) and recovery using Automated Diagnostics and Deep Traffic Accounting.
  • Monitor and manage Peering and Service Level Agreements (SLA) ensuring usage policies enforced.
  • Capacity Plan and forecast capacity requirements. Plan for expansion of your organizationʼs key business servers, data centers or whole of network needs and validate WAN Bottlenecks and Optimization.
  • Accurately plan network changes and new application rollouts and Justify bandwidth upgrades.
  • Identify network performance issues with comprehensive root cause analysis and forensics monitoring and customized QoS values.