LMNTRIX Active Defense provides three subscription levels so you can appropriately supplement your team’s skills and risk tolerance.
Foundation uses a combination of advanced network and endpoint detection sensors to constantly monitor your network and accelerate your response with expert analysis from senior intrusion analysts, who validate and investigate alerts and provide detailed compromise reports for each confirmed threat. We then go a step further and contain and remediate incidents for you so you can sleep through the night.
This service delivers continuous network and endpoint monitoring based on the behavior of malware rather than signatures, and is ideal for detecting encrypted threats that bypass perimeter controls and detonate on the endpoint.
The service includes exploit prevention, hunting down and blocking or quarantining malware missed by other solutions, and automated network perimeter threat containment. It helps reduce alert escalations by 95% by first validating breaches on your endpoints before escalating them to you. Furthermore, we help you reduce incident response time from days to minutes by finding all other infected machines and the exact location of malicious files on your network.
When data theft or lateral movement is imminent, our endpoint blocking and quarantine feature makes it possible to react immediately by blocking or quarantining affected hosts, whether they are on or off your corporate network, significantly reducing or eliminating the consequences of a breach.
LMNTRIX ThinkGrid provides unlimited log management and SIEM capability deployed onsite, so that you can meet your log management and compliance requirements.
Accountability and responsiveness are key. This is our stock in trade. We stay close to you and your specific needs. You will be paired with a designated investigation manager. Not only does this person have deep incident analysis and investigation skills, they are always current with your environment. They are deeply familiar with your specific network goals and provide the best incident management available.
Quickly engage remote expert incident responders from our CDC or engage onsite incident response from one of our locally certified partners, when needed, to investigate breaches, re-secure your network, remediate technical damage and assess the business impact so you can make prompt and accurate disclosure, if necessary.
The Foundation subscription level is the minimum service recommended to all organizations to help defend against today’s evolving threat landscape.
Enhanced adds intelligence and deceptions everywhere. LMNTRIX Intelligence adds an additional layer of detection capability against known, unknown and encrypted threats, while LMNTRIX Deceive is a post-breach strategy for detecting human attackers and red teams that have established a foothold and are now looking to move laterally.
The Enhanced subscription level offers a stronger security posture suitable for mid to large organizations that have a medium risk tolerance.
With the Premium subscription level, our hunting team actively pursues adversaries in your network by deploying our hunting platform, which uses retrospection and anomaly detection combined with behavior analytics and data science modeling techniques to find attackers hiding in remote corners of your network.
This service involves the proactive, stealthy, and methodical pursuit and eviction of adversaries inside your network without relying on IOCs. Our team of expert intrusion analysts and threat hunters monitor your networks and endpoints 24×7, applying the latest intelligence and proprietary methodologies to look for signs of compromise. When a potential compromise is detected, the team performs an in-depth analysis on affected systems to confirm the attack.
Our intrusion analysts leverage deceptions, deep and dark web monitoring, and multi-threat network detection, together with endpoint and network forensics capability on live systems, to investigate, classify, and analyze the risk in real time. Detailed reports on exactly what happened and recommendations on how to contain the threat are immediately provided.
Finally, we complement your internal network hunting with external deep and dark web hunting services, gathering the most salient data publicly available on the internet about you and providing meaningful, timely, relevant, and actionable insights through a fusion of technology and subject matter expertise.
The Premium subscription level offers an advanced security posture suitable for large organizations that have a low risk tolerance.