Breach Detection System
New Generation Breach Detection Solution.
Based on a next-generation technology, Trackwatch® Full Edition detection system, published by Gatewatcher, efficiently protects organizations against intrusions and breaches.
Trackwatch® Full edition is the first advanced threats detection system qualified by the French National Cybersecurity agency (aNSSi)
The solution detects abnormal behavior and weak signals within network flows. Trackwatch® is composed of one or several detection probes (GCAP) and a management appliance (GCENTER).
Trackwatch® has been designed to protect various business sectors, such as transportation, telecommunications, hospitals, energy and banks.
It allows strategic organizations to address their cybersecurity needs by providing a cutting edge solution for detecting and analyzing the most crafted threats.
ADVANTAGES
- Analyses all network flows.
- Detects all types of attack vectors.
- Multi-format analysis of unexecutable files.
- Parallel analysis of files through Load Balancing algorithms ( > 6 million per day).
- Detects malicious files.
- Detects vulnerabilities exploitation (polymorphic shellcodes, encoded shellcodes, ROP…).
- Detects 0-day attacks by dynamic controled execution.
- Rebuilds attacks / killchain by syntaxic and comparative analysis.
- Retro-analyses suspicious files automatically
Breach Detection System and Smart Probes
Our unique technology detects the most advanced threats, made with the most crafted exploitation methods (polymorphism, obfuscation, encoding, ROPchain…) and the threats based on all types of malicious files (ransomware, cryptolocker…).
Trackwatch® can be deployed from two types of devices: GCAP and GCENTER.
GCAP ensures the collection of network traffic flows and a portion of the analyses. A GCAP is connected to a switch with a mirror port or to a TAP that copies the network traffic. One or more GCAPs can be deployed within an infrastructure, either locally or at remote sites. The GCAP(s) are connected to a GCENTER management device.
The GCENTER analyses the information sent back by the GCAP, stores it, provides configuration and reporting interfaces, and exports the information to a security information and event management (SIEM).
Information Capture and Analysis
At the very heart of your information system, Trackwatch® is the only product on the market with a double approach in innovation: deep information capture and optimal analysis.