Kognos for MSSPs reduces MTTD/MTTR metrics to mere minutes. Learn More.

Menu

The Kognos difference

A Revolutionary Way of Looking at Security Data.
The only way to autonomously identify and trace attackers in action is to leverage the power of relationships
Consider a campaign scenario where an attacker is already in your infrastructure and trying to laterally move from machine to machine. The attacker figures out RDP is a commonly used tool in the environment and uses it to connect to a second machine, runs some discovery commands, identifies some interesting files, and copies them back to the first machine. The attacker then repeats this process across multiple machines over weeks to go undetected.

Events vs. Relationships

Event-centric Analysis:

In an event-centric approach:

  • a security platform records multiple events for the above scenario
  • it cannot see the relationships forming between these events
  • evaluates each event or group in isolation
The resulting analysis:
Benign
Threat remains undetected.

Relationship-centric Analysis:

In a relationship-centric approach:

  • a security platform looks at events AND relationships between those events
  • it sees every suspicious activity the attacker does as connected relationships
  • evaluates all relationships the attacker is making with the infrastructure cumulatively

The resulting analysis:

Suspicious

Threat is detected in minutes.

Events give you alerts. Relationships give you attack campaigns.

The Kognos Autonomous XDR Investigator is built to natively understand relationships, and to detect even the subtlest of threats with high accuracy.

It allows the system to trace attacker activity across multiple machines, forging relationships between event data coming from an organization's existing telemetry source to trace the attackers path, hunt down suspicious activity, and investigate the chain of events to identify the complete attack campaign.

Kognos is the only solution that can trace complete attack campaigns in real-time

Trace

Active campaigns

Attempted campaigns

Failed campaigns

"Organizations can take their existing threat hunters and focus them where they need it most."
David Fairman
Chief Security Officer, Australia Bank
Kognos continuously monitors billions of relationships to detect suspicious behavior. Once detected, Kognos uses an AI powered inquiry engine to ask thousands of forensic questions per second to fully contextualize the attack and present the findings as complete attack campaigns, allowing the analyst to respond in real-time.

Contact

Oxygen Icon Box

2064 Walsh Ave, STE C1
Santa Clara, 
California - 95050

Oxygen Icon Box

info@kognos.io

Copyright © 2020 Kognos, Inc. All Rights Reserved.
envelopemap-markercross linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram