At its core, Eastwind technology is powered by the Eastwind Breach Analytics Cloud. This powerful breach detection solution enables analysts to hunt, analyze and visualize all activity relevant to an IT system threat or breach. The Breach Analytics Cloud further integrates a comprehensive array of deployment sensors and applications to gather telemetry from all areas of your cyber terrain, including traditional networks, virtual environments, cloud, and all users on and off premises. The result is the security context needed across your entire enterprise to accelerate incident response and forensics.
Eastwind Portal displays areas of interest quickly and easily, drawing on the breadth and depth of metadata through our customizable dashboards. It provides not only security event information but also cyber situational awareness and context of your cyber key terrain. Eastwind provides the necessary context for security teams to respond and recover with bolstered threat intelligence and multiple detection techniques built upon complete visibility of your hybrid network. With the Eastwind Portal you can pivot rapidly, find complex relationships, and visualize patterns using the Breach Analytics Cloud.
Eastwind Automated Threat Hunters: As threat intelligence is updated, our automated threat hunters continuously search backwards and forwards to identify threats based on new intelligence. Add your own custom intelligence or integrate commercial intelligence providers. Once a threat is identified, we perform on-demand machine learning to identify where the entity became an outlier and use that model to retrospectively analyze your entire dataset to discover unknown threats. Two threat hunters are included but additional hunting options can be purchased.
Eastwind Mobile Accessibility: Our mobile app provides a comprehensive view of the Eastwind Breach Analytics Cloud, anytime and anywhere. Whether you are in or out of the office, your attack profile is constantly at your fingertips. You receive the actionable threat alerts and multi-sourced data you need to act quickly.
Eastwind Threat Intelligence: Eastwind integrates a growing list of industry-leading cyber threat intelligence sources into our rules engine and enrichment processes, eliminating the need for you to acquire and integrate these yourself. In addition, Eastwind can leverage industry-specific or proprietary threat feeds that your organization currently uses.
Eastwind Corporate Intelligence: All activity is meaningless without understanding how it applies to your organization. To enable teams to prioritize and provide the necessary context, we are partnering with leading vulnerability, patch management, asset management and corporate threat intelligence providers to extend your existing investments and integrate them directly into the Eastwind Breach Analytics Cloud.
Eastwind Cloud Connectors: Our connectors gather data from APIs and logs from cloud application providers such as GSuite (Google Apps for Work), Office 365, Dropbox, Box, Salesforce and others to detect breaches and enable cloud forensics.
Eastwind Network and Virtual Sensors (physical and virtual network): Our network sensors collect telemetry utilizing our high-speed deep application inspection and breach detection platform using both hardware and software appliances to provide visibility for traditional and virtual networks.
Eastwind Deception: Our network and virtual sensors can turn darkspace into lightweight honeypots to identify anomalous activity. Via an unused IP address on your network, you provide our sensor with the IP address of the device you would like to emulate. Our sensor will then act as a transparent proxy to the device we are emulating to provide you with crucial insight for critical assets and lateral movement.
Eastwind Cloud Sensor (cloud provider sensor): Our cloud sensors are deployed directly into your cloud service provider’s infrastructure utilizing native capabilities to collect network telemetry from Amazon, Azure, Google and others.
Eastwind Compromised Credentials: Our Compromised Credentials service monitors data breaches for domains related to your organization, allowing you to quickly minimize your potential attack surface and reduce insider threat risks.
Eastwind Active Directory Connector: This connector collects user and system telemetry to detect breaches and provide critical context allowing you to correlate cloud and network activity.
Eastwind DNS Services: Our enterprise DNS services provide malicious activity mitigation, granular content filtering and visibility for mobile users, no matter where they are. DNS telemetry provides valuable insight for network forensics and incident response.
The Eastwind Breach Analytics Cloud is a powerful solution that performs real-time and retrospective analysis fusing multiple sources of intelligence to triage and quickly investigate breaches in your organization’s environment. Our cloud technology incorporates Automated Threat Hunters to detect unknown breaches, as well as Cyber Threat and Corporate Intelligence to provide months and years of enriched analytics.