Versive is now a part of eSentire
PRESS RELEASE HEAR FROM OUR CTO

Detecting adversaries

Focus on the adversary mission, not individual behaviors

Anomalies and adversary behaviors are important, but what really matters is the way they are related. VSE uses AI to automatically uncover the required chain of threat activity that separates the signal — the real risks to your business — from normal network noise.

Required campaign stages

Reconnaissance

Exploring a network to understand its structure and to locate valuable data stored within it

Collection

Moving within the network to obtain additional network access credentials; gathering and moving valuable data in preparation for removal

Exfiltration

Covert transfer of valuable data from the network to external destinations (unauthorized server, thumb drive, etc.)

Situational Awareness

Dynamic modeling

Unlike static, rules-based security systems, our AI automatically learns and maintains a “normal” definition for each host within a customer’s unique environment. No human manipulation required.

Automatic ThreatCases

ThreatCases automate the time-consuming process of compiling the data needed to understand a threat. With an average delivery of 5 per week, security teams can focus on what matters most — shutting down the threats and minimizing risk.

Key behaviors, connected

Based on automatically learned definitions of “normal,” VSE surfaces sequences of anomalous behaviors that make sense only as part of malicious threat campaigns. This is how VSE delivers a handful of high-fidelity results, not a flood of false positives.

Transparent reporting

For AI to be trustworthy in cybersecurity applications, it should not be a black box of unknown methodologies. By design, our AI explains model results to ensure transparency. Customers understand how VSE arrived at its results, and know why they can rely on its ThreatCases.

Deploy the engine

Flexible. Software-only.

Built on the open source frameworks of Spark and YARN (no proprietary hardware required), VSE is capable of running on standard infrastructure in cloud, hybrid or on-premises environments.

Additional data sources, including data from supplementary cybersecurity products, can also be incorporated into VSE to enhance results.

Partners

Data and sensor providers

Tanium
paloalto
Gigamon

Infrastructure providers

cloudera
StreamSets
aws