Detecting the Attacks that Evade Other Protections
In the first phase of the threat life cycle – detection – Triumfant’s analytics employ sophisticated algorithms and correlation functions to leverage the learned context and identify potentially malicious changes, as changes are detected by the agent and sent to the server.
The AtomicEye agent continuously monitors each host machine to collect changes that are at the heart of the discovery and analysis process. Ultimately, the analyze step begins with the same set of information: the accumulated changes from one or more scans of the host machine. What triggers the process and the production of the scan falls into four scenarios:
- Real-Time Discovery with Persistent Attributes
- Real-Time Discovery with In-Memory Volatile Attributes
- Discovery on the Daily Scan Cycle
- On-Demand Scans
Learn more about how AtomicEye can stop a breach before it becomes a full-scale attack during the analysis, remediation, and prevention phases. Download the Discovering and Remediating Malicious Attacks white paper for a detailed technical overview of Triumfant AtomicEye.