The Versive Security EngineThe Smartest AI-Driven System for Detecting Advanced Adversaries
The Versive Security Engine detects suspicious behaviors in your environment and uses adaptive machine learning from the Versive Platform to correlate these behaviors.
We can conclusively determine whether your business is at risk of losing money, intellectual property, or reputation as the result of a headline-making hack.
The engine maps each suspicious behavior to a stage in the adversary threat campaign lifecycle and displays contextual information about connected
behaviors in a single, easy-to-understand report called a Threat Case. By cutting out noise and displaying only critical, relevant information, we show you how an adversarial campaign is unfolding in your environment, in time for you to take action and prevent damage.
Benefits of The Versive Approach: AI + Human Intuition, Automated
Automatically Customized to Your Environment: The VSE’s models are trained on your actual data, making the system highly accurate, customized to your network, and impossible to deceive, unlike pre-canned algorithmic processes used by other security tools.
High Accuracy, No Noise: If we send you a high-value Threat Case, it warrants immediate investigation, period.
Human Expertise: Knowledge from the world’s foremost white-hat hacker, Peiter “Mudge” Zatko, is built into the product, combining machine power with decades of cyber learning for unmatched insight.
Constant Improvement: As your environment grows and changes, the VSE evolves and grows smarter automatically, thanks to the adaptive machine learning at the core of the Versive Platform.
What is a Threat Case?
A Threat Case is a contextualized collection of evidence related to a potential adversary campaign in your network. These cases are highly accurate and always worthy of immediate investigation.
Each threat case is built in three stages: Detect, Connect and Present.
The Versive Security Engine uses machine learning to detect suspicious behaviors on a variety of dimensions related to the adversary lifecycle.
Then, it looks for connections between these behaviors across the network and across time to build a Threat Case. In this way, the VSE can determine, with an incredibly high level of confidence, when there is something that is truly worth investigating.
Finally, the case is presented (via UI or API) with all the associated context, in a way that makes the case easy to understand and enables you to take action.
Understanding the Adversary Campaign Lifecycle
The adversary campaign lifecycle, also commonly referred to as the cyber kill chain, describes the various steps that all bad actors must go through to fully execute an attack. A campaign will not be successful unless an adversary somehow understands where things are on your network (RECON), gathers the desired data in a place from which it can be removed (COLLECTION), and removes it from the network (EXFILTRATION). By focusing on this broader pattern of advanced adversary campaigns, we can detect coordinated campaigns that would otherwise go undetected.
The VSE uses data sources from your network (including from supplemental security tools like UEBA and endpoints), to learn what “normal” behavior looks like in your unique environment.
2. Suspicious Behavior Detection
The VSE models the behaviors that cybersecurity experts recognize as most strongly correlated to advanced adversary campaigns in your environment.
3. Build Threat Cases
By mapping the connections between suspicious behaviors across the network and across time, the engine visualizes the progress of a threat over time with an incredibly high degree of confidence.
4. Deliver Results
You can view results in our convenient UI or access the data through our API to view and use however you like.