Easy to use
Knogin Hunter is a plug and play Security Analytics platform that can manage multiple types of data in multiple ways and present it to you in a unified single pane of glass.
That system allows you to quickly analyse all events related to a specific occurrence and view them in multiple different ways so that you don’t need to use several investigative tools. Knogin has all of the research capabilities a SOC needs in one platform.
We use Neural Networking, an AI Stepping Stone, to help us understand context in many different scenarios, which is another advantage we can give with our cloud-based solution.
Eyes on the prize
Criminals often research known vulnerabilities and then search across the Internet for systems which may be vulnerable to that specific exploit. They indiscriminately attack vulnerable organisations with a goal of joining their compromised hosts to their network and using them to attack or extort another victim, or censor a government. We keep our eyes on the prize to ensure that if you’re targeted you’ll know straight away.
How is Knogin different
You sign up for Knogin with a web form. We give you the relevant config files for your network gear and the agents that you need to deploy monitoring on your servers, workstations and laptops. On that same account you click “Dashboards”, and once you’ve either deployed the agent or implemented the required config on your network devices, you will see data on your dashboards.
It takes as long as you want it to. You don’t need consultants and you don’t need to invoke a whole deployment project if you don’t think you need to. We are plug and play for organisations of between 1 and 1,000,000 employees.
You pay per user, so there are no complicated log volume calculations and no overage fees.
Knogin Hunter enriches events with further information when they are received. For instance, if an IP address is included with an event, the system will enrich the data with Geo info based on that IP.
The system also queries multiple Threat Intelligence providers, correlates information about known bad IPs or Indicators of Compromise (IoCs), and enriches events with that information where it is relevant.