The Security Data Problem

The security data problem creates network blind spots that threat actors exploit to launch sophisticated, stealthy, low-and-slow attacks.

The security data problem explained in 3 minutes

All external cyberattacks, by definition, combine network activity with activity on endpoints: attackers gain remote access to endpoints, establish persistence, perform reconnaissance and move laterally within the IT environment.

Conventional NDR technologies identify WHAT is flowing around the network, but have no visibility into WHO is causing the flow, nor WHY. Conversely, conventional EDR tools know WHO is using IT resources, and WHY, but have no visibility of the network traffic this generates.

The security data problem lies in the inability to link endpoint and network activity at source, leaving the security industry to rely on SIEM or XDR approaches that attempt to correlate processes with network activity after the event. These attempts yield high noise and provide, at best, limited detection fidelity.

Attackers take advantage of this disconnect between endpoint and network activity data by disguising their external network traffic as innocent web requests, disguising malicious activity as benign processes on the endpoint, and keeping their network interactions as brief as possible, allowing them to hide in the gaps between the conventional tooling.

Fundamentally, the data linking every network interaction with the process terminating it (that is, linking the WHAT with the WHO and the WHY) is only available on the endpoint at the moment the network interaction occurs. Only by assembling a picture of the network activity, linked in real time and at source to the endpoint activity, can sophisticated threat actors be identified among the noise of normal IT operations.
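The two correlation strategies described above can be contrasted on a small constructed data set. The following is an added example, not code from SenseOn or from this page: it models an after-the-fact SIEM-style join (any process alive on the same host around the flow's timestamp is a candidate) against an at-source join (the endpoint sensor recorded the owning PID with the socket). Host names, process images, PIDs, the destination address and all timestamps are constructed sample values; the `window` parameter is an assumed clock-skew tolerance.

```python
"""Added example: after-the-fact flow/process correlation versus linking at source.
All hosts, process images, PIDs, addresses and timestamps are constructed."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class ProcessEvent:
    host: str
    pid: int
    image: str
    start: float   # process lifetime in epoch seconds (constructed)
    end: float


@dataclass(frozen=True)
class NetFlow:
    host: str                  # endpoint that originated the flow
    dst: str
    dport: int
    ts: float
    pid: Optional[int] = None  # known only when the flow was recorded at source


# Constructed endpoint telemetry: three long-lived processes and one that lived
# for two seconds, long enough for a single brief outbound connection.
PROCESSES = [
    ProcessEvent("ws-17", 1200, "browser.exe", 1000.0, 5000.0),
    ProcessEvent("ws-17", 1301, "mailclient.exe", 1000.0, 5000.0),
    ProcessEvent("ws-17", 1444, "svchost.exe", 900.0, 5000.0),
    ProcessEvent("ws-17", 2875, "updater.exe", 2999.0, 3001.0),
]

# The same HTTPS connection as seen by a network sensor (host and 5-tuple only)
# and by an endpoint sensor that tagged the socket with its owning PID.
FLOW_FROM_NETWORK = NetFlow("ws-17", "203.0.113.10", 443, 3000.0)
FLOW_FROM_ENDPOINT = NetFlow("ws-17", "203.0.113.10", 443, 3000.0, pid=2875)
# The network sensor's clock runs a few seconds behind the endpoint's.
FLOW_FROM_NETWORK_SKEWED = NetFlow("ws-17", "203.0.113.10", 443, 3007.0)


def candidates_after_the_fact(flow: NetFlow, processes, window: float = 5.0):
    """SIEM/XDR-style join: every process on the same host whose lifetime
    overlaps the flow timestamp (plus or minus a skew window) is a candidate.
    The result is a set of suspects, not an attribution."""
    return sorted(
        p.image for p in processes
        if p.host == flow.host and p.start - window <= flow.ts <= p.end + window
    )


def attribute_at_source(flow: NetFlow, processes) -> Optional[str]:
    """Endpoint-linked join: the PID recorded with the socket names the process
    directly. Returns None when the flow carries no PID (network-only data)."""
    if flow.pid is None:
        return None
    for p in processes:
        if p.host == flow.host and p.pid == flow.pid:
            return p.image
    return None


def fidelity_report(flow_net: NetFlow, flow_ep: NetFlow, processes) -> dict:
    """Summarise how many processes each method leaves as possible owners."""
    after = candidates_after_the_fact(flow_net, processes)
    source = attribute_at_source(flow_ep, processes)
    return {
        "after_the_fact_candidates": after,
        "after_the_fact_ambiguity": len(after),
        "at_source_attribution": source,
    }


if __name__ == "__main__":
    print(fidelity_report(FLOW_FROM_NETWORK, FLOW_FROM_ENDPOINT, PROCESSES))
    # With skew, the short-lived process drops out of the join entirely.
    print(candidates_after_the_fact(FLOW_FROM_NETWORK_SKEWED, PROCESSES))
```

Two effects show up: the after-the-fact join returns four candidate processes for one connection (the noise the text refers to), while the at-source join names exactly one; and once a few seconds of clock skew are added, the two-second process no longer overlaps the flow at all and disappears from the candidate list, which is the gap a brief interaction hides in.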

This is the Security Data Problem, and it is this problem that SenseOn solves.

