Eastwind for IBM Cloud provides visibility, threat analysis and user and entity behavioral analytics to identify malicious activity, insider threats and data leakage within your IBM Cloud Services.
At its core, Eastwind is powered by the Breach Analytics Cloud. This powerful solution enables cyber defenders to hunt, analyze and visualize all activity relevant to your enterprise. Eastwind provides a comprehensive array of sensors and applications that gather, enrich and analyze telemetry from all areas of your cyber terrain, including SaaS, IaaS, DNS, hybrid networks and all users on and off premises. The result is breach analytics at speed and scale accelerating incident response and forensics.
- Collect, analyze and enrich network and IBM Cloud Services telemetry via IBM Cloud Monitoring with your other network, IaaS, SaaS, DNS and application data.
- With Eastwind for IBM Cloud, fusing multiple intelligence sources, machine learning, signatures, and anomaly detection with a fast and powerful query engine allows you to interpret months or even years of data.
- The Breach Analytics Cloud performs continuous realtime and historical monitoring to identify threat factors, scope incidents, and reduce dwell time.