Building on Passive Security
Passive security systems should be the foundation of every network security system. MetaFlows has built a unique Malware detection and prevention system that does much more than that. MetaFlows’ proprietary combination of flow analysis, log management and event analysis capabilities, as well as powerful threat detection and prevention tools, offers customers access to information that gives them an unparalleled view of their network security.
MetaFlows is an active security system. The MetaFlows Security System (MSS) actively looks for threats and engages them using external and internal decoys called “honeypots” and “cookie jars”. The decoys record the security event data and use it to update local and global security policies.
More on Honeypots and Cookie Jars
MetaFlows honeypots are external decoys, placed all over the world, to lure potential threats into demonstrating their latest hacking tactics. The intelligence from each of these honeypots is then processed in the MetaFlows cloud and distributed to our customers’ domains for further refinement of their sensor’s detection methods. Honeypots are sand-boxed so that infected virtual machines cannot propagate the infection once they are infected.
MetaFlows cookie jars are internal decoys that are easy to use and completely isolated from actual network assets. MetaFlows customers use cookie jars to lure internal threats into demonstrating how they could be exploiting company resources or violating company policies. The intelligence from these cookie jars is then relayed to the security console and, upon admin confirmation, learned for future detection.