ZitoVault Ignite Security Platform

The cloud platform powering the Endpoint Detection & Response (EDR) solution.

Helping customers detect attacks early and stop them automatically.

The Z1 Ignite Security Platform provides powerful services that monitor the security posture of endpoints and detect cyber threats and anomalies. The platform acts as a centralized repository of security-related metadata collected from endpoints through secure communication channels. The data is analyzed in near real-time for suspicious activity and anomalous behavior. To enhance the accuracy and speed of threat detection and response, ZitoVault takes the following approaches:

First, we implement over 200 custom rules to detect suspicious activity on endpoints. This enables us to detect quickly whether certain files or folders have been modified suspiciously, whether users are attempting to log on to systems at a suspicious frequency or time, whether accounts are being created illegitimately, whether unusual scanning or reconnaissance operations are being performed, and much more.

Second, we have built a modern threat intelligence platform to identify known abusive attackers and attacks. It aggregates data from several reputable industry threat intelligence feeds and combines it with ZitoVault’s proprietary fingerprint database, which captures unique endpoint information. This enables us to correlate collected data and determine whether any customer endpoints are communicating with blacklisted IP addresses or domains, whether suspicious files or file hashes are traversing customer endpoints, or whether other known attacks are taking place.

Third, to identify unknown attacks, we use User & Entity Behavioral Analytics (UEBA) in the cloud and apply machine learning to the collected data to detect anomalous behavior that is potentially associated with 0-day attacks. The machine learning algorithms enable us to identify patterns and behaviors that rules by themselves are unable to identify.

Fourth, we have partnered with a leading Managed Detection & Response cybersecurity solution provider with global Security Operations Centers and certified cybersecurity analysts who can monitor endpoint data on a 24×7 basis. The partnership provides customers with a threat hunting service in which analysts are able to identify emerging threats that were previously unknown or undetected by rules or algorithms.

Key Advantages:

Powerful & Centralized:

  • A powerful cloud-based service with the ability to take response actions to protect your endpoints.
  • A centralized portal for customers to manage their endpoints, obtain real-time visibility, notifications, and searching functionality.

Intelligent & Synchronized:

  • Modern threat intelligence platform that keeps you protected against known and emerging threats through rapid correlation of collected data with attack data.
  • Update security policies to proactively protect a customer from attacks detected on another customer’s endpoint.

Threat Hunting & 24×7 Monitoring:

  • 24×7 certified security analysts in a SOC, protecting your endpoints and performing threat hunting operations on your behalf.
  • Behavioral analytics applied to detect anomalous behavior of users or entities caused by cyber attacks.

Ease of Deployment:

  • Designed for easy deployment and use, with integrated secure connections to Z1 Agents.
  • Uses a modern technology stack enabling customers to efficiently obtain real-time information about the security posture of endpoints.