Page 84 - CSEW

Cognitive Threat Analytics

[Figure: CTA Layered Detection Engine, labelled "Included in AMP"]

AMP: File Reputation; Dynamic Malware Analysis; File Retrospection
CTA Layer 1: Anomaly detection; Trust modeling
CTA Layer 2: Event classification; Entity modeling
CTA Layer 3: Relationship modeling

Outputs, left to right: Anomalous Web Requests (flows); Malicious Events (flow sequences); Threat Incidents (aggregated events); Threat Campaign Incident Clusters
Axis: Recall (left) to Precision (right)



© 2016 Engage ESM All Rights Reserved