When it comes to threat hunting, you can’t just throw your net out and see what you catch. You need a starting point - something specific you can look for that is most likely connected to or will lead you to a threat. We refer to these as hunt hypotheses.
The Kognos security platform is a relationship-centric autonomous XDR investigator platform that fuses events from existing EDR, NDR, SIEM and other telemetry sources into semantic relationship graphs. Kognos then continuously monitors billions of these relationships to detect suspicious behavior.
With automated hunting and recipes you can share with the community, you can eliminate the challenges with IP or the risk of sharing threat intel - and the community can get stronger and share these hunts with each other.
As the cybersecurity industry continues to make tremendous technological progress, criminal organizations and nation-state adversaries continue to evolve as well. As an industry, it is more crucial now than ever that we continue to push for innovative technology solutions that allow us to see the current blind spots we face.
Prior to Kognos, our founding team was working at RSA, McAfee, Juniper, and Dell with a combined experience of 100+ years in cybersecurity. We all noticed how our customers’ skilled analyst teams were struggling to manage and understand exploding numbers of alerts that our event-based products generated.
Traditional analytical methods still seek singular, atomic detections. Instead, we should be using our resources to increase situational awareness and leverage the relationships already found in existing data to intelligently follow interesting tracks throughout the network.
Kognos continuously monitors billions of relationships to detect suspicious behavior. Once suspicious behavior is detected, Kognos uses an AI-powered inquiry engine to ask thousands of forensic questions per second to fully contextualize the attack and present the findings as complete attack campaigns, allowing the analyst to respond in real time.