Learn what is usual to spot the intruder 🔦

SEKOIA.IO adds a third detection technology to its arsenal to spot the most advanced intruders: Statistical Analysis and Machine Learning.

In some cases, attackers neither violate the security policy of a perimeter nor use attacker tools, TTPs or aggressive infrastructures to perform their actions.
Instead, they use valid credentials and legitimate tools, and limit themselves to common IT operations to stay under the radar.

To drastically increase the cost of an intrusion for the attacker, we created a detection engine that continuously learns the behavior of the defended perimeter.
Enter your aggregation query and let SEKOIA.IO automatically and continuously learn its seasonality. No more static thresholds to define = fewer false positives.
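
To illustrate why a learned seasonal baseline beats a static threshold, here is an added example (not SEKOIA.IO's engine or algorithm). It assumes a simple per-hour-of-day median/MAD baseline as a stand-in technique, and the hourly login counts are constructed.

```python
from statistics import median

def build_series(days=28):
    """Constructed hourly login counts: busy 08:00-18:00, quiet at night."""
    series = []
    for day in range(days):
        for hour in range(24):
            base = 120 if 8 <= hour < 18 else 5
            jitter = (day * 7 + hour * 3) % 11 - 5  # deterministic noise in -5..5
            series.append((hour, base + jitter))
    return series

def learn_baseline(series):
    """Learn a per-hour-of-day median and MAD (median absolute deviation)."""
    buckets = {}
    for hour, count in series:
        buckets.setdefault(hour, []).append(count)
    baseline = {}
    for hour, values in buckets.items():
        med = median(values)
        mad = median(abs(v - med) for v in values)
        baseline[hour] = (med, max(mad, 1.0))  # floor keeps the score finite
    return baseline

def seasonal_alert(baseline, hour, count, k=6.0):
    """Alert when the count is more than k MADs away from that hour's median."""
    med, mad = baseline[hour]
    return abs(count - med) / mad > k

def static_alert(count, threshold):
    """Classic fixed threshold, blind to the time of day."""
    return count > threshold

def count_alerts(series, predicate):
    """Number of points in the series for which predicate(hour, count) fires."""
    return sum(1 for hour, count in series if predicate(hour, count))

if __name__ == "__main__":
    history = build_series()
    baseline = learn_baseline(history)
    night_burst = (3, 60)  # constructed event: 60 logins at 03:00
    print("seasonal catches burst:", seasonal_alert(baseline, *night_burst))
    print("static>150 catches burst:", static_alert(night_burst[1], 150))
    print("static>30 alerts on normal history:",
          count_alerts(history, lambda h, c: static_alert(c, 30)))
    print("seasonal alerts on normal history:",
          count_alerts(history, lambda h, c: seasonal_alert(baseline, h, c)))
```

A threshold sized for the daytime peak misses the night-time burst, and one low enough to catch it fires on every normal business hour; the seasonal baseline does neither.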

For more details on this terrific new feature, have a look at the associated documentation: https://docs.sekoia.io/xdr/features/detect/anomaly/
