NVISO Eagle Eye

Eagle Eye ist eine Lösung zum Threat Hunting in Unternehmensnetzwerken. Sie erlaubt es, dem Security Team und Analysten Logs von Clients, Servern und Netzwerkdevices wie Firewalls zentral zu sammeln, mit verschiedenen fortschrittlichen Verfahren zu analysieren und dadurch Cyber Angriffe und Incidents im Netzwerk zu erkennen und entsprechende Gegenmaßnahmen einzuleiten. Eagle Eye verwendet neben bekannten Mechanismen wie YARA Rules eine eigens entwickelte EE Outlier Engine, um Unregelmäßigkeiten zu erkennen und unterscheidet sich dadurch von bisherigen SIEM Lösungen.

Reference Customers:

Consors Finanz

Ready-to-use interfaces to other tools and systems:

The Hive - Incident Management Lösung

History:

2019: Host Hunter

In 2019 we developed our very own endpoint log collection tool, called “Host Hunter” – we reuse as much of the proven tools in the open source world including osquery, and build the components which we feel are missing in the context of security monitoring and Threat Hunting.

2018: Eagle Eye

In 2018 we professionalized our CI / CD pipeline and moved our entire solution to Docker – much more modular, and able to deploy on a range of different systems, including support for distributed architectures. We also switched our entire deployment from bash scripts to Ansible, making our pipeline professional & scalable for an environment in which we want to release often, with multiple different versions running at different customers.

2016: Security Sensor

Our first version focused purely on detecting threats on the network level, and had little to no user interface – we have grown to also support entpoint monitoring and have a rich & user-friendly UI used by both customers as well as our own analysts.

General information:

Business Unit: Cybersecurity
Branch: All Branches
Type: Product
Patented: No
GFFT Rank: 1.36

Contact of the Organization:

NVISO GmbH
Platz der Einheit 2
60327 Frankfurt am Main
Germany
Tel.: +49 (0) 151624893383
Email: