Threat Intelligence Gateway:
Our threat intelligence gateway is a software system that can be deployed to protect any network. Because of its breakthrough algorithms, it is able to apply massive-scale CTI to protecting networks without affecting network performance; thus, users and e-business can use it without adverse effects.
Our gateway system consists of three primary components:
1) Advanced Cyber Threat (ACT®) Intelligence
2) RuleGATE® Enforcement
3) QuickTHREAT® Analytics
These three components enable network operators and users to select the optimal CTI and apply it to stop attackers, as well as conduct forensics on CTI-matched events and further improve their network’s cyber defenses.
Advanced Cyber Threat (ACT) Intelligence:
ACT is our CTI subscription system that allows users to select any combination of CTI sources from any combination of CTI vendors. Users can also add CTI from the widest variety of community sources, including the Information Sharing and Analysis Centers (ISACs), and from government and law-enforcement feeds. In addition, network operators can also add their own locally sourced and discovered CTI.
RuleGATE is our CTI enforcement system. RuleGATE instances are inserted in-line at your physical or virtual Internet connections. RuleGATEs can be deployed in a variety of ways: in the cloud, on your virtual infrastructure, or on a variety of platforms and appliances – whichever best fits your needs.
RuleGATEs are configured to operate on both non-encrypted and encrypted traffic. They fully support mission-critical, high-availability networks with features such as “Fail-Open”, “Active-Active failover”, etc. They operate flawlessly and transparently at the highest speeds of today’s enterprise networks.
QuickTHREAT™ is our CTI and cyber threat event analytics system. It provides users with immediate insight into the cyber threats in their networks. These threat events can be inbound threats from the Internet that are stopped dead by the RuleGATE, outbound threats such as phishing attacks and ransomware, or insider threats caused by users (either deliberately or unknowingly).
Most users are primarily interested in two points-of-value from QuickTHREAT:
1) Awareness -- What are the most significant threat events that are affecting their security right now?; and
2) Effectiveness -- How effective is the protection provided by the threat intelligence gateway system?
QuickTHREAT provides both executives and cyber operators with dashboards and instruments that measure and visualize cyber defense effectiveness and awareness. QuickTHREAT is delivered through standard Security Information and Event Monitoring (SIEM) platforms, which may host the users’ existing SIEM tools or Centripetal’s SIEM applications. Centripetal’s SIEM applications also provide cyberanalysts with advanced, artificially intelligent tools for accelerating their productivity, effectiveness, and efficiency.