Solutions for all sorts of breaches

Blue divider

We collect, detect and prioritize high-fidelity alerts in real-time and respond with automated enforcement or alerts to security personnel.

SightLabs Solutions for all sorts breaches
Globe 1
Globe 2
For detecting command and control
DNS Ninja

DNS Ninja

Blue divider

DNS Ninja analyzes all DNS traffic, throughout your entire organization. Each DNS request/response pair is analyzed and classified into a number of categories, ranging from internal, to computer-generated, to invalid. DNS Ninja is very well suited for detecting command and control, and exfiltration techniques.

Full insight into your
organization’s DNS traffic

Advanced machine learning algorithms for detecting generated domain names

High-fidelity alerts based on deviations and periodicity of classified DNS requests

Anomaly detection


Blue divider

Our Anomaly Detection module is a generic but robust module that detects anomalous behaviour in time series data. This module uses the latest insights in Machine Learning algorithms, but also takes into account typical human behaviour to improve its model.

Unique time series algorithm taking human behaviour into account

High-fidelity alerts based on anomalous network behaviour

High-fidelity alerts based on deviations and periodicity of classified DNS requests

Clustering background


Blue divider

SightLab’s Clustering module is an extension to our Anomaly Detection module. While Anomaly Detection requires pre-classification of the input data, Clustering will perform automated classifications based on the similarities in the interactions described in the data.

Highly-scalable solution for analyzing network data

Advanced machine learning algorithms for automated classification and clustering of network devices

Detects anomalies in highly-detailed data flows from existing network devices

Behaviour analysis blue icon


Blue divider

The Behaviour Analysis module absorbs network flow data and uses a number of detectors to find specific communication patterns. It does not require a learning phase. Years of research by the Dutch research institute TNO have resulted in a set of detectors that discover DNS tunnels, illegal VPNs, fast flux techniques, exfiltration techniques and port scans.

Use network data flows to detect specific communication patterns for numerous attack techniques

Benefit from the ongoing cybersecurity research by leading Dutch research institute TNO

Valuable alerts from day one



Blue divider

SightLab’s Classification module gives organizations full insight into network devices and services in their infrastructure. Using network data flows, the Classification module will identify all network services and clients. This information not only helps organizations to better understand their IT landscape, but also provides insight into the impact of security breaches.

Obtain complete insight of the network services and clients

Improve the effectiveness of the Anomaly Detection and Behaviour Analysis module

Provides insight to determine the business impact of breaches

Talk to one of SightLabs’ trusted experts!