Fidelis Cybersecurity Fidelis Network 9.2.4
The core of Fidelis Security is its patented technology, Deep Session Inspection (DSI), which scrutinizes the content of network sessions across all ports and protocols in real time to detect data policy violations, sensitive information and advanced threats. It processes, reassembles and iteratively decodes all packets for analysis. This recursive approach to information decoding lets Fidelis delve into network protocol tunnels, documents with embedded objects and archived files to uncover sensitive information not otherwise visible.

There are four main components of this product: sandboxing, threat intelligence, data science and the response automation and analytics engine. Sandboxing covers execution analysis, file and web analysis and machine learning-based malware detection. Threat intelligence comes from Fidelis Insight, third-party threat intelligence and customer-defined intelligence. Data science encompasses both statistical analysis and supervised learning models. The response automation and analytics engine provides real-time analysis for efficient detection and response and historical metadata for threat hunting and investigations.

DSI comes equipped with various automated threat hunting tools, including packet protocol investigation. The patented technology groups all packets and sessions together based on commonalities. It then dumps them into a session buffer to look at all ports and protocols. If DSI cannot determine a packet’s protocol, the protocol is classified as unknown. DSI leverages deeply granular inspection of all packets with unknown protocols, looking for different types of obfuscation techniques in real time and across every sensor. With 17 different content analysis engines, Fidelis can isolate and extract individual communication objects for particularized analysis in real time.

Administrators often need to use IPs to identify acting users and their PCs. They can query Active Directory to determine this information and add it to metadata and alert details. Administrators can also deploy decoys into their environment, enticing bad actors with the promise of sensitive data, then alerting security teams once threats engage with their bait.

The dashboard is clean and provides abundant high-level data. Building policies and rules is intuitive. Putting together different types of indicators of compromise to create rules and policies is straightforward and effective. An embedded OCR scanner added to the mail sensor decodes outgoing mail messages and scans attached images and PDFs.

Pricing is tiered, based on network bandwidth and deployment model, starting at $69,000 annually for a cloud-based, 250MB network. It includes 24/7 global phone, email and web support. Annual support and threat feeds are available for on-premises deployments for 22 percent of the annual license fee.

Tested by Matthew Hreben

Product title
Fidelis Cybersecurity Fidelis Network 9.2.4
Product info
Vendor: Fidelis Cybersecurity
Price: $69,000 annually
Contact: fidelissecurity.com
Strength
The patented Deep Session Inspection is unique to Fidelis and scrutinizes network sessions in real time to detect violations and advanced threats, and the presence of sensitive information.
Weakness
None that we found.
Verdict
The patented nature of this product inherently renders it unique in its recursive approach to decoding information and delving deep into areas and files within a network that may otherwise go unscanned and undetected.