77% of breaches in 2017 utilized file-less techniques.

The 2017 State of Endpoint Security Risk, Ponemon Institute

The Evolving Attack Lifecycle

traditional attack lifecycleAwake EntityIQ
Malware-based attacks are noisy and therefore easier to detect and respond to.
Attackers have evolved to techniques that rely on tools that already exist within your environment, abusing insider credentials or using SSL to legitimate sites for command and control.
modern attack lifecycle
awake security entityIQ device details

Security Investigation Platform

Awake detects attacks that blend in with business-justified activity and enables conclusive and rapid response. With exhaustive intelligence from the network, Awake uniquely identifies mal-intent to stop insider attacks, file-less malware, and much more. Without Awake, only the world’s most sophisticated security experts are capable of performing such detailed forensic analysis, utilizing a manual, time-consuming process that typically occurs well after an attack. Awake has democratized this ability, making it accessible to any organization, regardless of size, budget or sophistication. Importantly, Awake delivers this proactive security control at scale and at the speed of the network.

How Awake Works

Awake EntityIQ
  • Parses full packet capture data to extract hundreds of security-relevant signals
  • Deduces & profiles entities such as devices & domains, their behaviors & relationships
  • Captures institutional knowledge from the team including business context & criticality
  • Separates verdict functions from the ML-models to avoid constant retraining / updates
  • Enables behavioral queries for both attacker TTPs and organization-specific threats
  • Delivers interactive responses even if searching across graph, structured data and raw packets
Awake QueryIQ
Awake DetectIQ
  • Provides a suite of TTP detection libraries that uniquely combine entity & traffic analytics
  • Correlates activity into a threat timeline that encompasses IOCs, TTPs and non-malware
  • Enables automatic triage with risk scores for devices and domains

The Awake Advantage

Awake dramatically improves the time to detect, contain and respond to modern threats.
detection
Modern Threat Detection
Identify mal-intent threats such as file-less malware, insider threats, credential abuse and data exfiltration that evade existing defenses.
speed of response
Rapid Response
Resolve alerts or hunt in minutes rather than hours, by ending the “coffee break” query experience typical of existing solutions.
campaign analysis
Attack Campaign Analysis
Analyze sophisticated campaigns with out-of-the-box integrations that augment investments such as SIEM or threat intelligence platforms.
entity visibility
Entity Visibility
Track devices, people and other entities without logs or endpoint agents even as IP addresses change.
entity profiles
Automated Context
Instantly access device and user profiles with business function, email addresses, domains visited, files accessed, relationships, and more.
awake roi
Quick Time to Value
Derive value immediately without the need for complex integrations, training periods or tuning, and a SaaS like experience for system upkeep.

Featured Testimonials

>
"Info Security Products Guide 2018 Global Excellence Awards"

Winner in 4 categories:


Startup of the Year
Cyber Security Vendor Achievement of the Year
Most Innovative Security Software of the Year
Best Security Software
>
"2018 CYBERSECURITY PRODUCT AWARDS"

Winner in 3 categories:


Security Investigation Platforms
Forensics
Threat Hunting
>
"The network doesn’t lie, so tapping into network data, automating the analysis and presenting it in a way that will help connect the dots in an investigation will make a significant impact in empowering analysts to more efficiently clear investigations."
Eric Ogren, Senior Analyst, Security

Ready to try Awake?

Benefit from two years of collaborative research with over 200 security teams and machine learning algorithms that detect modern threats and enable rapid and conclusive response.