Start Identifying and Addressing Anomalies

RiskForesight anomaly detection with machine learning enables you to quickly and easily identify suspicious and abnormal behavior, intruders, and business issues.

Identify the following anomalies:

  • Source to destination by data type
  • Data-transfer by volume
  • Find possible misconfigurations
  • DNS communications by volume, source, destination, socket, protocol, and datatype
  • Statistically abnormal communications within population by session and datatype
  • Statistically abnormal communications by host
anomaly detection

Anomaly Detection with RiskForesight

Detect Abnormal Sessions 

Could be an indicator of a hacker or misconfigured service attempting to establish or establishing inappropriate communications

Detect Abnormal Data-Transfer Movement

Could be an indicator of a hacker or misconfigured service moving large volumes of data. Movement in large volumes of data could be data leaving the enterprise  or a misconfigured service consuming bandwidth

Detect Possible Misconfigurations

Possible misconfigured or compromised services behaving out of bounds for expected operations

Detect Abnormal DNS Communications

Helps to identify potential DNS attacks

Detect Abnormal Hosts Communications

Helps to identify inappropriate or inadvertent communications between workloads within a population by host

Detect Abnormal Communications by Host

Helps identify infrequent communications in addition to a sudden shift in baseline communications by the same workload

anomaly detection with machine learning

Take Automated Actions

Take actions based on NSX Security Groups and Distributed Firewall Policies:

  • Define security boundaries
  • Identify anomalies and deviations from typical behavior based on network data from NSX Flows
  • Gain insight with analytics dashboards
  • Stay in tune with alerts on the security of your network with detailed notifications

As a core Enterprise Solution for your Security Operation Center and security engineering teams, RiskForesight Anomaly Detection confronts threats and improves your overall cyber and compliance risk posture.