CYBERSEC EXPO 2019

The largest CYBERSEC EXPO in Taiwan, A Collection of Solutions in Cyber Security

MAR.19 - 21

Taipei International Convention Center
Taipei World Trade Center Hall 1, 2F

黃金級

Fidelis Cybersecurity

Fidelis Cybersecurity is the leader in automated detection and response. The Fidelis Elevate™ platform dramatically improves the effectiveness and efficiency of security operations by delivering comprehensive network visibility, rich metadata, intelligent deception, alert validation, and automated investigation and response across networks and endpoints. Fidelis is trusted by the most important brands in the world. See what you’ve been missing. For more information go to www.fidelissecurity.com.

Advanced Threat ProtectionNetwork SecurityEndpoint Detection & Response

Fidelis Elevate™

Automate Detection.
Automate Response.
Prevent Data Theft.

One unified platform ensures faster detection and automated response – providing accuracy, clarity and certainty for your cyber security team.

Elevate Security Operations
Even with many prevention tools in place, organizations are still getting breached. That's why more organizations are shifting from a prevention-focused approach to a detection and response strategy.
Fidelis Elevate is the only security operations platform that provides deep visibility, threat intelligence and context across complex environments to automate detection and response.

A Force Multiplier for Your Security Operations
Fidelis Elevate™ integrates network visibility, data loss prevention, deception, and endpoint detection and response into one unified solution. Now your security team can focus on the most urgent threats and protect sensitive data rather than spending time validating and triaging thousands of alerts.

Enhance Your Visibility and Detection Capabilities

  1. Inspect all ports and protocols
  2. See north-south traffic, lateral movement and data exfiltration
  3. Enrich alerts with data and context from Fidelis Network®, Fidelis Endpoint®, and Fidelis Deception™– all in a unified platform
  4. Combine threat intelligence, sandboxing, machine learning, deception, and Fidelis research
  5. Capture and store metadata for analysis and threat hunting

Automate Response for Quick and Effective Resolution

  1. Draw conclusions with accuracy by automatically collapsing many alerts and events into a single view
  2. Automatically validate network alerts on the endpoint with certainty
  3. Raise the priority level when evidence is found of increased risk
  4. Automatically execute a response playbook to jumpstart your investigation with clarity
  5. Stop data leakage, command and control, and active attacks

 

Threat Analysis & ProtectionDeception-based SecurityForensics

Fidelis Network®

Best-of-Breed Breach Detection and Data Loss Prevention (DLP)
Gain visibility into content over all ports and protocols to detect threats and prevent data loss.

See More, Inspect More
Identifying threats and data leakage requires deep inspection and analysis of all forms of content, including unpacking and extracting deeply embedded files. Fidelis Network bi-directionally scans all network traffic, regardless of port or protocol, to reveal the network and application protocols, files, and content.

Never miss an attack or data leaving your network
1.    Patented Deep Session Inspection® as well as Deep Packet Inspection gives you unique visibility across all ports and protocols.
2.    By capturing and storing all metadata traffic, you can use with automated analytics or make available for improved threat hunting.
3.    Automatically discover and classify data on your network to prevent unauthorized transfers out of your network.

Detect Threats
By conducting real-time network analysis and identifying behaviors that indicate compromises, Fidelis Network provides automated detection for the proactive discovery of attackers, suspicious hosts, and malware.

Real-time and retroactive detection
1.    Detect and prevent infections at line-speed with real-time network analysis uncovering initial compromises, suspicious hosts, malware and compromised hosts.
2.    Learn about past attacks with retroactive analysis of stored metadata triggered by key indicators derived from threat intelligence, machine learning, sandbox results and Fidelis research to understand attacker TTPs and prevent future attacks.

Eliminate Alert Fatigue
Fidelis Network automatically validates, correlates, and consolidates network alerts against every endpoint in your network. Minimize false positives and shift from clues to conclusions so you can quickly address the alerts that matter most.

Focus on what matters
1.    Gain critical context and save valuable time by automatically validating, correlating and consolidating network alerts across every endpoint.
2.    Make time-sensitive decisions with pre-staged evidence in one view. Suspicious network data, rich content and files are all assessed against industry-best security analytics and rules.

Prevent Threats
Fidelis Network includes multiple sensors that can be placed throughout your network to enforce prevention policies. These sensors can be placed inline or out-of-band based on your network configuration and prevention tolerance.

Terminate threats in progress
1.    Drop sessions in real-time in response to detected policy violations with inline or out-of-band sensors.
2.    Analyze email content (even when encrypted) and prevent compromises by dropping, re-routing or quarantining email messages with the email sensor.
3.    Redirect web pages or drop sessions with the web sensor.

Detect and Prevent Data Loss
Fidelis Network detects and prevents data theft by utilizing our industry-best content decoding and inspection engine. Get ultimate visibility of exfiltration attempts and keep your sensitive data safe.

See everything leaving the network
1.    Analyze network sessions over time to detect data leakage thanks to stored metadata.
2.    Prevent loss of critical and sensitive data through standard and non-standard ports.
3.    Automatically confirm and stop data theft with deep content inspection of all outgoing network activity.
4.    Gain accurate alerts with clear forensic evidence of data exfiltration.
 

Endpoint SecurityIncident ResponseThreat Hunting

Fidelis Endpoint®

Automate Endpoint
Detection and Response (EDR)

Increase endpoint visibility, reduce response time from hours to minutes, and enhance your endpoint protection.

Greater Visibility Means Deeper Insight
Fidelis Endpoint provides visibility into all endpoint activity including process actions, logged in users, registry writes, file system activity, and memory. Detect threats by applying Fidelis Insight threat intelligence, custom alert rules, YARA and OpenIOC formats to analyze, alert, and collect system events. Fidelis visibility is always on, whether the endpoint is on-network or off.

See all endpoint activity
1.    Gain visibility into all activity at the endpoint.
2.    Monitor endpoints in real-time and retrospectively, on and off the network.
3.    Record key events with playback analysis that automatically delivers a timeline related to suspected incidents, along with the prioritized alerts.

Respond Instantly to Attacks
Automatically respond to any detection by executing tasks either shipped with the system or customized for your environment. Response tasks include endpoint isolation, creating and using restore points, process termination and file wiping. You can also jumpstart investigations including memory analysis, vulnerability scans, and system inventory. Integrate with Fidelis Elevate to execute response actions to threats detected in the network.

Detect and respond to threats faster
1.    Detect threats in real-time through behavioral rules and indicators provided by Fidelis Threat Research, third party feeds, custom rules and indicators, and signature and heuristic-based detections from Fidelis AV.
2.    Integrate with SIEMs, NGFWs, and more to execute response actions.
3.    Ensure faster response with our large library of pre-written scripts – and create and use your own.
4.    Create response workflows to automatically kick off remediation, deep analysis, or custom actions by defining alert responses and actions.

Enhance Your Endpoint Protection
Fidelis Endpoint can be enhanced with Fidelis AV so you can see exactly where threats originate. Fidelis AV provides both traditional signature and heuristic-based detection and prevention of threats on the endpoint. Process scanning allows users to block execution of processes by hash or with easily created YARA rules.

Prevent malware and block execution
1.    Detect and prevent known and unknown threats.
2.    See where a threat was detected or prevented in the chain of events.
3.    Leverage a central repository of detected threats via our Global Quarantine capability.
4.    Block process execution with Process Scanning.
 

Advanced Threat Protection
Data Loss Prevention
Threat Analysis & Protection
Endpoint Detection & Response

1). Fidelis Elevate™  

2).Fidelis Network™  

3).Fidelis Endpoint™

  • 4 Keys to Automating Threat Detection, Threat Hunting and Response

    4 Must-Do's for Advanced Threat Defense:
    Beyond evolving the security infrastructure to a single network and endpoint detection and response platform,Gartner recommends that organizations evolve the post-breach detection and response capabilities of the security operations team. Four must do’s for maturing advanced threat defense include:

    1. Use new post-breach detection techniques to reduce dwell time or MTTD
    2. Automate detection and response processes to improve MTTR
    3. Evolve capabilities to proactively hunt for threats
    4. Engage managed detection and response services from technology vendors with in-house knowledge of their solution, plus the ability to provide incident response services
       
  • Whats Hiding Within Your Metadata

    Every day Fidelis customers learn new things about their network from the rich metadata provided by Fidelis Network. Specific examples of discoveries customers have made include:

    1. Confidential information being shared with external partners
    2. Payment card information (PCI) being shared in an unsecure manner
    3. Unauthorized use of Remote Desktop Protocol (RDP) by attackers and insiders
    4. Use of unauthorized cloud services and other shadow IT
    5. Misconfigured proxies
    6. Unknown and unsecured network egress points
    7. New resources such as IPs or domains appearing inside the enterprise.
       
  • Fidelis Endpoint_A Technical Deep Dive

    Fidelis Endpoint® enables security teams to focus on and act against real threats by correlating activity between Fidelis Endpoint and existing security products—such as network-based security solutions, next-generation firewall/detection systems, advanced breach detection solutions or security information and event management (SIEMs)—so the teams can effectively assess and validate alerts within seconds of notification. The solution also automates complex, time-consuming, manual workflows and applies intelligence and context to alerts, so analysts can quickly validate, investigate and ultimately resolve incidents.
    Fidelis Endpoint reduces risk, improves key metrics, automates manual steps and minimizes clicks in a way that scales, making more effective use of scarce resources.
    Unlike standalone solutions, Fidelis Endpoint is a  EDR  solution comprised of:

    1. Threat intelligence
    2. Endpoint threat detection and visibility
    3. Endpoint hunting
    4. Remediation
    5. Endpoint forensics
    6. Security hygiene
    7. Malware analysis and triage
    8. SIEM integration
    9. Network threat detection and analytics
       
  • Automate & Accelerate Your Security Operations

    Keys to Automating Detection and Response:

    1. Automate response actions network isolation, process information, memory analysis, suspicious file deletion, file collection and custom script execution
    2. Give junior analysts complete insight, so they can quickly draw conclusions and complete investigations
    3. Use a system with access to custom scripts and an integrated telemetry feedback loop
       
  • Utilizing-Deception for Effective Breach Detection

    Intelligent Deception
    Setting up an Attractive and Believable Deception Layer
    Coupling proactive, intelligent deception with accurate detection technologies yields much better results than traditional approaches relying only on traffic monitoring. Intelligent deception ncorporates a variety of mechanisms to lure attackers and to provide all the necessary information about attacker activities as they occur in real-time. With this approach, a multiplicity of deception assets, “decoys”, are deployed throughout the organization’s network. The decoys are both customizable and general purpose, able to entice and sidetrack attackers and malware.

    1. Accurate reporting of actual incidents while keeping false alerts to a minimum
    2. Clear attack kill chain maps providing complete information
    3. Intuitive GUI providing analysts with quick access to all relevant data
    4. Easy and quick deployment with automated configuration
    5. Minimal maintenance with automated updates
       

Fidelis Elevate™ Explained

SOCs are under siege. Attacks are more sophisticated and security stacks are more complex than ever. Security analysts are overwhelmed by too many tools and too many alerts. Find out how Fidelis Elevate can help SOCs detect and respond to attacks quickly and accurately, over the entire kill chain.


Fidelis Endpoint Overview

Identify compromised endpoints, automate your response and validate suspected incidents at every stage of the attack life cycle with Fidelis Endpoint from Fidelis Cybersecurity.


Validating Network Alerts at the Endpoint with Fidelis Elevate™

Explore the some of the many benefits of using network and endpoint in a combined platform with Fidelis Elevate


Product Type

Advanced Threat ProtectionNetwork SecurityEndpoint Detection & ResponseThreat Analysis & ProtectionDeception-based SecurityForensicsEndpoint SecurityIncident ResponseThreat Hunting