Sift Security integrates an advanced anomaly detection platform into its security investigation tool. The platform identifies anomalous behaviors in log data, specifically behaviors that are indicators of malicious activity. The anomaly indicators are combined with indicators from other security products, such as antivirus, firewalls, and point solutions. The platform serves two purposes: to provide prioritized starting points for investigations, and to accelerate investigations by focusing an analyst’s attention on the most relevant and noteworthy details.
Sift Security prioritizes starting points by considering indicators in the context of all the available data. This might include details about network communication, process execution, and authentication events, depending on what data sources are available. Considering the indicators in context enables Sift Security to identify indicator patterns of more serious attacks.
Please enter your contact information below and press submit.
We will send the link to the anomaly detection documentation to the email address provided below.