Argus Panoptes: the All-Seeing

Vigilance where others sleep

How resilient is your organization to attackers that are already inside your network? This question is often difficult to answer. Only when ransomware rages through your organization does it become clear that there are attackers in the building. By then, unfortunately, it is too late. Are you using all possible resources to detect threats before they do any damage?

Vigilance has always been an important aspect of security. Just locking the door is not enough: continuous vigilance and monitoring are paramount. Greek mythology already tells of the giant Argus Panoptes. He had a hundred eyes all over his body, of which never more than two slept at once. Is such vigilance also possible within your IT infrastructure?

Network Detection

Many security solutions focus on prevention and protection, which is highly necessary. However, prevention alone is not enough! We are increasingly aware that it is unavoidable that malicious parties get in, and that they are probably already inside our infrastructure. Whether this is due to holes in the defence, the actions of employees (conscious or unconscious) or supply chain attacks: there is always a way to get in. Detection is therefore crucial, and your network offers an enormously rich resource to detect malicious parties. That is, if all resources are used and the right monitoring services and algorithms are deployed.

Would you like to know more about network detection and how it can benefit your organization?

Behavior

Network data is complex. Even monitoring all DNS requests and responses yields an amount of data that is beyond the capacity of most SIEMs. And even if a SIEM is able to process this DNS traffic, is that valuable? The added value of the SightLabs modules is a set of algorithms, developed in collaboration with TNO, which focus on finding abnormalities in behaviour. Which machines in your network show anomalies in DNS traffic? Which traffic flows in your network change behaviour over time? This information is not only essential for generating high-quality alerts, but also for supporting cyber threat hunting tasks.

  • All possible network resources are used for optimal protection.
  • The algorithms developed by TNO are capable of converting large amounts of data into directly applicable information. 
  • The SightLabs platform offers an optimal balance between insight, protection and costs.

The story of Argus ends rather unfortunately: despite all his vigilance, he is lulled to sleep by the god Hermes and killed. Will you stay awake?

SightLabs helps you stay alert. Ready to start detecting the undetected? 

  • DNS Ninja
  • Anomaly Detection
  • Clustering
  • Network Behaviour Analysis
  • Classification