Know Your Threats

Event Horizon from NeuralIQ enhances your network infrastructure with real-time intrusion forensics, giving you the upper-hand in combating cyber attackers. See what they have in store for you, while they are still planning it. See where they're attacking. See what assets they’re targeting. See how they plan to get away. Armed with unprecedented information, you can take immediate action to harden your system, defending against tomorrow’s attacks, today.

Other services may provide reams of data and statistics, capture packets, and replay events in sandboxes, but only Event Horizon captures the entire “anatomy of a hack.” We don’t just tell you that you are being attacked; we show you how attackers are trying to get in and what they do once they think they’ve penetrated your organization.

Armed with this human intelligence, you can finally get a clear, intuitive picture of the threats facing your organization and the tools you need — such as automatically generated attack signatures — to harden your existing security, wisely allocate resources, and counter threats before production assets are compromised.

After all, security is only as good as the intelligence that drives it.






Faster, smarter, more secure

How It Works

Event Horizon uses virtualization to rapidly and flexibly deploy customized clones of your production environment. These clones are then exposed to the same attacks as the rest of your IT network.

Using proprietary surveillance technology, Event Horizon captures decrypted, detailed, and comprehensive intelligence about attacks on your network as they take place. This data is analyzed, visualized, and delivered to you in an actionable format in real-time.

As a result, attacks on these clones provide valuable intelligence about specific threats to your enterprise. Automatically generated attack signatures let you immediately immunize production assets, but the real power of Event Horizon — and the reason we developed the ability to capture and process so much arcane data in real-time — is the human picture. Forensic visualizations and interactive reports reveal how attackers planned to breach your defenses, what they were after, and why they are targeting you. Even encrypted communications are reconstructed as movies, so you can view potential compromises as though you were looking over the attacker’s shoulder.

Whether you’re repelling attacks, profiling applications, staunching data leaks, or studying your enemy, the key to quality intelligence is speed and specificity. Event Horizon delivers both.

Virtualization

Virtualization is the process of running entire servers, including their hardware, as self-contained virtual machines that exist totally in software.

The result of using virtualization is that Event Horizon is able to quickly generate system “clones” that are indistinguishable from your production servers, making them unmatched tools of deception. Since no monitoring software of any kind is installed on the clones, intruders have no ability to detect that they are interacting with a system that is observing and adapting to their behavior. Since Event Horizon clones encapsulate complete server environments, the quality of forensic data they glean from intruders goes well beyond any alternative currently available to network security professionals.

Introspection

Event Horizon is able to capture instruction-level attack data while remaining invisible to attackers, with no discoverable impact on performance. No monitoring software of any kind is installed on your clones, making it virtually impossible for attackers to dismantle surveillance. Working from behind the scenes in the host kernel, our technology provides a real-time window into your clones, providing the raw data required to reconstruct the "anatomy of a hack."

The rest of your existing security infrastructure - unified threat management; intrusion detection and prevention – produces unwieldy reams of data and statistics. In the event useful information is identified, it is often buried within the noise of daily logs, false positives, and automated reports. Event Horizon highlights the most dangerous threats; not only telling you that you are being attacked, but also showing you how attackers are trying breach your security and what they do once they think they’ve penetrated your defenses.

Signature Generation

Using advanced pattern-matching techniques and artificial intelligence, Event Horizon both identifies and learns from attack activity, generating attack signatures in real-time. These signatures are then immediately made available to be applied as updates to existing intrusion detection and prevention systems (IDS/IPS).

Our cyber intelligence-gathering agents capture all attack activity, not just patterns, but all of the raw data. These assets are available through the Event Horizon user interface for a more thorough forensic analysis. Encrypted communications are reconstructed and malware is reverse-engineered, all in real-time.

The deep forensic insight provided by our signature generation engine allows administrators to configure sophisticated alert policies and determine when the engine notifies them of suspicious code or events.

Visualization

Thanks to our advanced, next-generation visualization tool, our customers can quickly analyze and visually explore their Event Horizon data in countless ways, allowing users to customize their experience for maximum efficiency. Event Horizon alleviates the need to pore through endless data streams. By representing attack data visually — including three dimensionally — administrators quickly gain insight into an attacker, allowing them to rapidly adapt to new threats.

Administrators can visually identify patterns of activity that are not immediately caught by the signature generation engine. Administrators can then “teach” Event Horizon to defend itself against these attacks in the future and issue alerts when it encounters variants. This collaborative feedback allows customers to gain a level of deep forensic insight and operational agility that is simply unavailable anywhere else.

In other words, rather than trying to reduce attackers' behavior to anomalies, or attempting to break into encrypted packets as they travel your network, Event Horizon exposes attackers’ tools, methods, and intentions — the full “anatomy of a hack” — in real-time. You gain the information you need to harden your network against zero-day exploits that are specifically intended for your digital assets:

- Instantly reverse-engineer malware to automatically generate customized IDS/IPS attack signatures, immunizing your entire network.

- Forensic visualizations of attackers’ intentions help you tailor policies and procedures to specific, existing threats.

- Interactive reporting reveals how attackers plan to breach your security, helping you prioritize patches and updates.

- Attackers’ encrypted communications are reconstructed as movies, so you can view potential compromises as though you were sharing the attackers’ screen, giving you unprecedented insight into the mind of your adversary.

Now you can maximize the ROI on your existing security infrastructure. Allocate resources and counter threats more effectively before important assets are compromised. Event Horizon gives you the ability to defend against tomorrow’s attacks, today.

Event Horizon — Tailored To Your Needs

During implementation, Event Horizon is tailored to the needs of your organization. We offer customization and best practice training services for customers ranging from small and medium businesses to Fortune 1000 enterprises; from security vendors to governments and international organizations.

Whether you want the power of a dedicated deployment of virtual servers that mirror your production environment or more modest access to Event Horizon, our cyber intelligence team will work with you (and your security services provider) to craft the strategy that’s right for you. And because Event Horizon is flexible, it can easily adapt as your intelligence needs evolve.