Technical Concepts of Threat Defender

cognitix Threat Defender (or Threat Defender for short) is an inline threat intelligence and protection platform that creates a second line of defense inside the network.

  • With Behavior-based Correlation, Threat Defender analyzes the network traffic and correlates events across multiple traffic flows.

  • Up-to-date, global Threat Intelligence data complement the traffic analyses.

  • Using dynamic Network Segmentation, Threat Defender reacts to changes in the network behavior at runtime.

  • Threat Defender tracks the devices in the network based on their IP and MAC addresses (see Inventory) to monitor and manage network assets as well as to apply policy rules to individual devices or groups of devices.

  • With its interactive drill-down reporting system, Threat Defender visualizes the collected information.

The following chapters explain the main technical concepts used by cognitix Threat Defender in detail.

Additional References: