How it works
Our cybersecurity platform is elegantly streamlined into three primary components:
Collector
On the front lines, diligently gathering threat data.
Core API
Acts as the central hub where data is: Processed, Analyzed, Visualized for easy interpretation
Defender
Uses insights from the Core API to enforce robust security policies, ensuring resilience against threats.
Use case scenarios
Local Threat Detection
Designed for environments where manual intervention is preferred, this flow emphasizes the intricate dance between threat detection and user-driven responses. The process begins with setting up the Core API on a dedicated server. As the Collector detects potential threats, it sends this data to the Core API for deep analysis. Threats are then visualized on the user's dashboard, with users being notified based on their pre-configured settings. Any necessary actions to address these threats are taken manually by the user.
Distributed Collection
In distributed networks with varying vulnerability points, this flow emphasizes swift, automated reactions. Once the Core API is established on a dedicated server, multiple Collectors across various subnets send detected threats to it. The API analyzes these threats and updates the Defender's rule set, leading to proactive blocking of threats. This entire cycle, from threat detection to defense, is visualized on the user's dashboard, ensuring they are always in the loop. Users also retain the flexibility to manually adjust rules as needed.
Cloud Intelligence
This flow connects to the expansive universe of cloud-based threat intelligence. After setting up the Core API, the CloudSync module is utilized to fetch the latest threat indicators from external sources. The API processes this data and instructs the Defender to block specific threats, ensuring defenses are always updated. On the user's dashboard, a global view of threats and defenses is presented, allowing users to fine-tune responses and ensure optimal protection.
Hybrid Monitoring
Tailored for businesses that operate in both on-premises and cloud environments, this flow delivers a seamless integration between two realms. It starts with the setup of the Core API, which then aggregates data from both on-premises Collectors and CloudSync modules. This aggregated threat data undergoes a consolidated analysis, and the platform intelligently decides on whether an automated or manual response is needed based on the threat's nature and origin. The dashboard offers users a panoramic view of threats across both landscapes, giving them unparalleled situational awareness and response agility.
© 2023 breach :: harbor