Damballa Dreadnought Protection quickly and accurately identifies targeted attack activity that originates from outside the network perimeter.
Damballa’s Dreadnought Solution protects enterprise networks from external targeted attacks that attempt to connect with mission-critical internal systems. This network-based solution combines Damballa’s Global Surveillance Network with an external Dreadnought appliance to provide immediate identification, protection and feedback when targeted attacks such as BotArmies attempt to connect with internal systems containing confidential information.
Dreadnought utilizes Damballa’s unmatched knowledge of targeted attacks, bots and the command-and-control (CnC) infrastructure used to control BotArmies to track the type of connection, when it happened, and whether it was successful. Damballa’s rapid alerting system delivers these essential details to administrators. For even tighter integration, Damballa’s portal integrates easily with popular trouble ticketing systems, so that the right people in your organization always receive the information they need, as soon as it becomes available.
Dreadnought Protection Benefits
| Feature |
Description |
Client Benefit |
| Rapid identification of external attempts to reach internal systems |
- Sensor tracks new and newly active targeted attack traffic before it crosses the network perimeter
- Fast, accurate identification of targeted attack activity
|
- Faster recognition and alerting drives a more flexible, more thorough response
- No guesswork. You know what's compromised
|
| BotMaster command-and-control disruption |
- Locates actual IP address of BotMaster
- Isolates BotMaster command-and-control
- Prevents individual bots from acting as a unified BotArmy
|
- Allows client to prevent individual bots from acting as a unified BotArmy
- Allows client to prevent bots from taking the actions issued by the BotMaster
- Protects other internal devices from compromise
|
| Fast, accurate analysis of targeted attacks |
- Targeted attack reconnaissance and polymorphic capabilities
- Recent targeted attack activity including rallying and attack information
- Relative BotArmy size
- Remediation guidance for compromised systems
|
- Understand risk to intellectual property
- Assists in prioritizing remediation activities
- Assists in locating the exact file, or binary representation, on the compromised machine
- Educates executive management on current targeted threats
|
| Finds threats that AV and IDS/IPS miss |
- Works without signatures
- Recognizes polymorphic malware
- Finds threats that evade network-based security
|
- Provides comprehensive protection for network-based threats that signature- and packet-based security technologies can't detect
|
| Detailed reporting and real-time alerting |
- Daily summary reports
- Customized alerting for each user
- Trend reporting of targeted attack activity over time
|
- Ensures that the user receives actionable information in the most efficient manner possible in order to protect the enterprise
|
| Global Internet visibility client |
- True global view of targeted attack activity
- Insight not limited to client's installed base
|
- Recognizes threats before they attack
|
