CounterTack’s Event Horizon® is an active monitoring, detection, and intelligence platform that enables organizations to identify, disrupt and respond to an in-progress cyber attack. It is the world’s first commercially available security solution utilizing virtual machine introspection to help enterprise and government organizations defend themselves from the devastation caused by advanced, targeted threats.
Uniquely utilizing the hypervisor, Event Horizon provides covert and omnipresent surveillance into guest operating systems and applications. It provides real-time analysis of O/S level functions that attempt to manipulate file, process and network behavior. No one knows you’re watching – but you can see everything, as it’s happening.
Key capabilities include:
- Real-time monitoring of network, workstation and server environments.
- High performance data capture of instruction-level data from memory at machine speed.
- Covert surveillance, with no agent or other artifact for the attacker to detect and bypass.
- A rich set actionable intelligence, including file, process and network level activity.
- Dynamic malware analysis and IPS signature generation.
- Simple, intuitive user interface to design detection rules and analyze forensic intelligence.
- Out-of-the-box integration into existing incident response and security solutions including SEIM and IPS.
- Protection for both Windows® and Linux environments.
“Monitor, Detect & Respond” like never before.
Event Horizon has reinvented the “Monitor, Detect, Respond” approach. Powered by high performance, covert virtual machine introspection capabilities, Event Horizon provides real-time visibility across the memory space, improving every aspect of the traditional model.
- Monitoring is more accurate.
- Detection is more precise.
- Response is more immediate and powerful.
