With automated hunting and recipes you can share with the community, you can eliminate the challenges with IP or the risk of sharing threat intel - and the community can get stronger and share these hunts with each other.
As the cybersecurity industry continues to make tremendous technological progress, criminal organizations and nation-state adversaries continue to evolve as well. As an industry, it is more crucial now than ever that we continue to push for innovative technology solutions that allow us to see the current blind spots we face.
Prior to Kognos, our founding team was working at RSA, McAfee, Juniper, and Dell with a combined experience of 100+ years in cyber security. We all noticed how our customers’ skilled analyst teams were struggling to manage and understand exploding numbers of alerts that our event-based products generated.
Traditional analytical methods are still seeking singular, atomic detections. Instead, we should be using our resources to increase situational awareness and leverage the relationships already found in existing data to intelligently follow interesting tracks throughout the network.
In today’s hyper-distributed security environment, organizations have to assume their environments are already breached or will be breached. The only way to stay secure in this new world is to reduce the amount of time we let attackers dwell within our environments.
With so much focus on external actors, malicious insiders are often overlooked as serious threats. Malicious insiders could be current and former employees, contractors, partners, or service providers who had/have a legitimate reason for using the infrastructure, but have malicious intent.
Kognos continuously monitors billions of relationships to detect suspicious behavior. Once suspicious behavior is detected, Kognos uses an AI-powered inquiry engine to ask thousands of forensic questions per second to fully contextualize the attack and present the findings as complete attack campaigns, allowing the analyst to respond in real time.