How to evaluate severity of cyber incidents and to investigate and evaluate business or operational impact of cyber attacks.
Tovek Server can unify searches across different sources of information about incidents, vulnerabilities and threats (SIEMs, threat intelligence sources, vulnerability databases, forensic software, etc) and Tovek Tools enables the analysis of significant cases of cyber-attacks, and the creation of a knowledge base.
Various identifiers like MAC, IMSI, IMEI, IP addresses, phone numbers, emails, cell IDs; large amount of data, various log formats.)
Creating quickly a holistic view of risk and attacks by sifting through information from many different sources to provide assistance in dealing with cyber-attacks and in reducing vulnerabilities.
Unification of the system for evaluating attacks from all subjects of critical infra-structure and recommendations for countermeasure proposals.
How to filter and prioritize cyber threats relevant only to specific assest or processes? How to correlated Identify threats from security & communication logs?
There is many open source open data sources (Twitter, web discussions, blogs) and Commercial threat intelligence systems providing information about threats and vulnerabilities.
Tovek can continually index new data from these sources an select only information relevant to the protected systems (critical assets). The selection is based on profiles created in form of active knowledge maps describing the SW and HW components of protected system and their versions, updates and manufactures. The correlation can be baswed on various identifiers like MAC, IMSI, IMEI, IP addresses, phone numbers, emails, cell IDs.
The cyber security team is alerted primarily about threats and vulnerabilites related to most important assest and can deploy countremeasures.
How to bridge the gap between cybersecurity experts and company top management. How to link cybersecurity incidents and attacks to general business security and risk management.
Tovek Analytical Research and Monitoring Solution for Cybersecurity (TOVEK CYBER ARMS) is one stop solution for big data analysis (link analysis, content analysis, context analysis, geospatial analysis, transactional analysis, social network analysis and Artificial intelligence).
Various views on consolidated data allow you to identify the impact of threats on business operations, to discover attackers identity and motivations and to develop countremeasuers.