Enterprise Solutions
Click Here for White Papers and Case Studies

Failsafe

Introduction

What Damballa Does
Damballa's enterprise solutions combine local appliances and an Internet-based surveillance network to identify targeted attack activity and isolate it from legitimate network traffic.

Organizations concerned about compromised machines operating inside their network, unimpeded by AV or IDS/IPS, use Damballa’s Failsafe network security appliances. These devices are placed at key Internet access points and network intersections to identify internal activity typical of bot-driven targeted attacks. Damballa notifies clients in real-time when a new compromise is detected.

As the pioneering leader in targeted attack protection, Damballa knows that the only way to combat these threats is to understand the full breadth of their capabilities, propagation, and Command-and-Control (CnC). This approach includes deep research and analysis into the unique networked, borderless nature of botnets – something very different from simple signatures or packet analysis. Damballa's powerful insight quickly identifies both individually compromised machines and entire compromised networks operating internationally across corporate boundaries.

Damballa's enhanced technology delivers a number of advantages over other security offerings, including:

  • Faster identification, understanding and response to newly emergent or previously undiscovered targeted attacks
  • Rapid analysis of suspicious activity, without requiring signatures or network behavior profiles
  • Detailed, real-time information on changes to compromised systems
  • Immediate attack disruption, including infiltration of botnets and the issuance of false information to malware Command-and-Control (CnC) nodes
  • Live attack monitoring within a safe, controlled environment in order to learn more about the exact risk, intent and evolution of an attack

The end result is an easily managed, cost-effective solution that prevents sensitive information from leaving the enterprise and protects with minimal impact on network management, security management or end user operations. As such, Damballa represents a powerful advance in real-time protection against targeted attacks, and a valuable addition to Defense-in-Depth (DiD) security infrastructure.

Sample Damballa portal report
Damballa's easy-to-use portal reports deliver 24x7x365 insight into internal targeted attack activity.