Our Approach to Cyber Defense
We believe in helping organizations achieve a unified approach to cyber defense where existing devices, protocols, detection systems, and intelligence are utilized to actively blackhole known and emerging threats.
Actively Block Known Threats
One fifth of all internet activity is malicious and poses an ever increasing threat to organizations of all sizes. We believe one of the greatest steps an organization can take in defending itself against this malicious traffic is to simply discard it on their fastest devices. Prophet provides a platform which facilitates this exact measure: identifying and then discarding known and emerging threats using routing blackholes.
Use BGP to Integrate with Existing Devices
Prophet uses BGP, to peer with existing devices on a network such as load-balancers, routers, firewalls, switches, or even VMWare NSX. Prophet will dynamically ‘instruct’ these devices to take action on traffic whether it is to route to a blackhole for fast-discard, direct traffic to a DDoS Scrubber, or direct traffic through a honey-net for further analysis. Prophet is a BGP speaker/controller and supports all BGP messaging properties including RTBH (Remotely Triggered Blackholes) and BGP FlowSpec.
REST API for Integration
With Other Detection Systems
Cyber defenses can be strong if we all work together. This is why we have exposed our RTBH and FlowSpec BGP speaker technology via RESTful API's. We make it easy for all cyber threat detection systems to call our API when a true positive is detected and we'll handle all the mechanisms required for fast-blocking within the organization's network.
Cloud-Based Analysis, Correlation, Monitoring, and Detection
Flow Data is the source-of-truth to everything that is happening on a network. Our fully distributed NetFlow collection system supports all versions and specific device types. We store NetFlow in our cloud for processing, long-term storage, monitoring, reporting, and threat detection.
Intuitive UI for Data Exploration
Our UI allows for blazing fast search and metric aggregations, making it easy to find or discover any flow. BGP messages, including FlowSpec rules, can be triggered directly from the UI.
Threat hunters will find our cloud-based NetFlow collection and exploration software an invaluable tool in discovering and hunting down active threats within an organization.
Use and Contribute to Threat Intelligence
By integrating with industry leading threat intelligence feeds, Prophet provides a curated blacklist that can be used to dynamically block traffic on all enterprise devices via BGP. Additionally, any IOC’s which are detected by the Prophet AI engine are immediately distributed across all customers and are shared back to the intelligence community.