ENDPOINT DETECTION & RESPONSE
RaptorX Alpha collects 280 different kernel API calls, providing real-time visibility into all types of activity performed on the endpoint. It discovers adversaries in real time to stop attacks before they become breaches, and is built into the kernel framework to stop malicious code execution before it is committed to memory or disk.
The RaptorX platform builds a knowledge graph to extract a set of features from the data collected by the lightweight agents. The linked-analysis model allows pivoting between entities to view the relationships between them, reducing investigation time by a factor of 10.
RaptorX is designed to fuse massive amounts of data into a threat graph for threat hunting and cybersecurity investigations. Large amounts of data brought together in context give a comprehensive view of a network that is invaluable to defenders. To achieve this, the RaptorX big-data foundation allows for secure, multi-petabyte-scale storage. Users can start small, from a few terabytes, and scale up to their organization's needs, all delivered by a cloud platform.
Mapping threat detection to threat stage
RaptorX maps threat detections to the MITRE ATT&CK threat framework, reducing response time by a factor of 10.
Adversary detections are aligned with MITRE ATT&CK tactics, techniques and common knowledge.