Recommendations
Netacea has the capability of providing Recommendations using N/ Data Sync.
Copyright Netacea 2023
N/ Data Sync delivers a real-time stream of detected bots, using zero-latency integrations with log capture tools and other threat or risk feeds.
Netacea provides a N/ DETECTION FEED of all current threats, which the customer can use as the basis for taking action against visitors using existing systems.
The data can then be correlated with other SIEM feeds to gain better insight into the overall Target security posture.
The data can be supplied to the customer's preferred ingest method for actioning. Examples include placing messages onto a Kinesis stream or sending the information to an S3 bucket.
The visitor requests the site protected by Netacea.
A copy of the web request is sent as log data for analysis using our collective threat intelligence, machine learning and behavioural analysis to determine if the request is safe.
The Netacea Plugin can send the request to an ingest API endpoint.
The customer can send the request via a separate log shipping job to an endpoint provided by Netacea.
N/ Detection Engine analyses every request and re-evaluates the status of every visitor. Any visitors/potential visitors identified as threats by N/ Detection Engine are added to the Targeted Threat List ready for the next request from that visitor.
Netacea then distributes the list of all active threats to the customer to identify and take action against. All threats detected are made available either as a regular file drop or via a Kinesis stream. Threats can be imported into existing threat management systems (for example, for the automated creation of WAF rules or account lockout flags) or be used as a data source for subsequent requests.
The customer takes action on the recommendations in line with their blocking strategy.
If the requests are benign, subsequent requests are passed to the origin as normal.
If the requests require a mitigation to take place, the appropriate action is taken and served to the client on all subsequent requests.
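The customer-side half of this flow, as an added example that is not Netacea's code: it loads one threat file drop, maps each threat to a mitigation under a blocking strategy, and decides the action for a visitor's next request. The newline-delimited JSON layout, the field names (`visitor_id`, `threat_type`, `expires`), the strategy table and the `monitor` default are all hypothetical assumptions, not the N/ DETECTION FEED schema.

```python
import json
from datetime import datetime, timezone

# Constructed sample of one file drop (newline-delimited JSON). The field names
# are hypothetical; they are not taken from Netacea's feed format.
SAMPLE_DROP = """\
{"visitor_id": "203.0.113.7", "threat_type": "credential_stuffing", "expires": "2023-06-01T12:30:00+00:00"}
{"visitor_id": "198.51.100.23", "threat_type": "scraper", "expires": "2023-06-01T12:05:00+00:00"}
{"visitor_id": "203.0.113.7", "threat_type": "credential_stuffing", "expires": "2023-06-01T12:45:00+00:00"}
not-json
{"visitor_id": "192.0.2.99", "threat_type": "unknown_new_type", "expires": "2023-06-01T13:00:00+00:00"}
"""

# Assumed blocking strategy: which mitigation each threat type receives.
STRATEGY = {"credential_stuffing": "block", "scraper": "captcha"}
DEFAULT_ACTION = "monitor"  # unmapped threat types are logged, never blocked blindly


def load_threats(drop_text):
    """Parse a drop into {visitor_id: record}, keeping the latest expiry per visitor.

    Malformed records are counted and skipped so one bad line cannot
    discard the rest of the list.
    """
    threats, rejected = {}, 0
    for line in drop_text.splitlines():
        try:
            rec = json.loads(line)
            rec["expires"] = datetime.fromisoformat(rec["expires"])
            if rec["expires"].tzinfo is None:
                raise ValueError("timestamp without timezone")
            key = rec["visitor_id"]
        except (ValueError, KeyError, TypeError):
            rejected += 1
            continue
        if key not in threats or rec["expires"] > threats[key]["expires"]:
            threats[key] = rec
    return threats, rejected


def action_for(visitor_id, threats, now):
    """Return the action to serve on the next request from visitor_id."""
    rec = threats.get(visitor_id)
    if rec is None or rec["expires"] <= now:
        return "allow"  # benign or expired entry: pass to the origin as normal
    return STRATEGY.get(rec["threat_type"], DEFAULT_ACTION)
```

Tracking the `rejected` count per drop gives an early signal that the feed format or the shipping job has changed.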