Fenror7’s line of lateral movement detection products allows near immediate detection of attacks, providing CISOs and security teams with valuable information about what goes on in their network. All of our easy to use products are designed to work out of the box in most common organizational network environments, independent of the number or types of IP devices connected to the network.
Fenror7’s Multi-Site enterprise solutions provide a single management point for multiple engine servers. Our scalable multi-site solution is designed for large enterprises with data centers spread out over multiple geographic locations, and consists of a multi-site management server and detection engines based on our stand-alone W-series servers.
Fenror7 W-series is our stand-alone lateral movement detection product, providing single-site organizations with the same detection capabilities of Fenror7’s enterprise solutions.
Fenror7 Cloud lets organizations operating with a cloud topology take advantage of Fenror7’s game changing lateral movement detection engines by providing cloud based detection.
Using existing detection solutions, internal attacks go undetected for many months. Fenror7’s patented engines provide near immediate detection giving your organization time to defend itself at the early stages of an attack.
Other detection methods often rely heavily on detecting exploitations of specific vulnerabilities or analyzing user behavior. While these detection methods can detect attacks, they are in many ways similar to looking through a key hole, and missing the bigger picture. This is due to the fact that they require constant updates and can be bypassed easily by introducing slight variations to known attack methods. While exploits and payloads can be changed easily by attackers, they will not be able to avoid moving laterally within the enterprise as they move towards their ultimate goals.
Both Fenror7 multi-site, and Fenror7 stand-alone are able to integrate fully with any standard SIEM system. Fenror7 is also capable of integrating with AD as well as Network Access Control systems and Firewalls, allowing you to get more out of these systems.
Both the multi-site and the stand-alone products run on fully patched and hardened Linux servers, and are designed as out-of-band solutions connected to a network tap.