Host-based Intrusion Detection System (HIDS)
Our agent runs at the host level, combining anomaly-based and signature-based technologies to detect intrusions or software misuse, monitor user activities, assess system configuration and detect vulnerabilities. This lightweight agent is designed to perform a number of tasks with the objective of detecting threats and, when necessary, triggering automatic responses. The agent's core capabilities are: log and event data collection, file and registry key integrity monitoring, inventory of running processes and installed applications, monitoring of open ports and network configuration, detection of rootkits or malware artifacts, configuration assessment and policy monitoring.
Regulatory Compliance & Security Management
Our PIDS server provides the necessary security controls required by standards such as PCI DSS, HIPAA, GDPR and others. The solution aggregates and analyzes data from multiple systems, mapping security alerts to compliance requirements. These features, combined with its scalability and multi-platform support, help organizations meet technical compliance requirements. Our web user interface provides reports and dashboards that can help with this and other regulations (e.g. GPG13 or GDPR).
Security Information and Event Management
The PIDS server is used to collect, analyze and correlate data, with the ability to deliver threat detection, compliance management and incident response capabilities. The servers are in charge of analyzing the data received from the agents, processing events through decoders and rules, and using threat intelligence to look for well-known IOCs (Indicators of Compromise).
Security Analytics
PIDS is used to collect, aggregate, index and analyze security data, helping organizations detect intrusions, threats and behavioral anomalies. As cyber threats are becoming more sophisticated, real-time monitoring and security analysis are needed for fast threat detection and remediation.
Log Data Analysis
PIDS agents read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage. The PIDS rules help make you aware of application or system errors, misconfigurations, attempted and/or successful malicious activities, policy violations and a variety of other security and operational issues.
Vulnerability Detection
PIDS agents pull software inventory data and send this information to the server, where it is correlated with continuously updated CVE (Common Vulnerabilities and Exposures) databases in order to identify well-known vulnerable software. Automated vulnerability assessment helps you find the weak spots in your critical assets and take corrective action before attackers exploit them to sabotage your business or steal confidential data.
Configuration Assessment
PIDS monitors system and application configuration settings to ensure they are compliant with your security policies, standards and/or hardening guides. Agents perform periodic scans to detect applications that are known to be vulnerable, unpatched, or insecurely configured. Additionally, configuration checks can be customized, tailoring them to properly align with your organization. Alerts include recommendations for better configuration, references and mapping with regulatory compliance.
Intrusion Detection
The PIDS agent scans the monitored systems looking for malware, rootkits and suspicious anomalies. It can detect hidden files, cloaked processes or unregistered network listeners, as well as inconsistencies in system call responses.
File Integrity Monitoring
PIDS monitors the file system, identifying changes in content, permissions, ownership, and attributes of files that you need to keep an eye on. In addition, it natively identifies users and applications used to create or modify files.
Cloud Security
PIDS monitors system and application configuration settings to ensure they are compliant with your security policies, standards and/or hardening guides. Agents perform periodic scans to detect applications that are known to be vulnerable, unpatched, or insecurely configured. Additionally, configuration checks can be customized, tailoring them to properly align with your organization. Alerts include recommendations for better configuration, references and mapping with regulatory compliance.