The Subex Secure Threat Management module helps you monitor all your connected assets such as IT-OT and IoT. Subex Secure Threat Management provides fully automated, agentless continuous monitoring in near real-time providing a view of threats and attack surfaces that are being exploited.
Agentless and Non-intrusive approach-
Subex Secure non-intrusively monitors data within the network it is deployed to secure and applies multiple detection methodologies such as Signature-based, Heuristics, and AI-based anomaly detection that can cover all known-knowns, known-unknowns, and unknown unknowns in your network. IT-OT and IoT infrastructure encompass a wide array of systems that need to be monitored through multiple mechanisms and input feeds, Subex Secure threat management achieves this by using an extensible architecture capable of accepting multiple types of input feeds from layer 3 all the way to layer 7 and correlating the data from these feeds to look for patterns and threat vectors.
Subex Secure uses proprietary Deep Packet Inspection technology inbuilt with IT, OT, and IoT protocol stack engines for detection. The module can be enabled through license configuration whenever you need to detect threats in your environment
Threat management once enabled, starts analyzing network traffic in the form of PCAPs and provides alert events that can be immediately actioned through an inbuilt workflow module or integrated with your existing security solutions or any third-party through APIs or custom scripts. The metadata collected builds required behavioral characteristics over time with AI models that can predict the most obvious attack vectors, APTs with contextual information, that are not usually detected by rule-based detection systems.