Authored on: May 19, 2014
Download In this paper, the SANS Institute reviews how Damballa Failsafe provides enterprises with indisputable evidence about infected devices. Instead of receiving alerts, security teams get a prioritized list of infections with complete forensic details so they can rapidly respond based on risk to the organization. Instead of relying on any one technology to discover threats, Damballa Failsafe uses eight detection engines that automatically analyze network behavior, assess payload content and apply threat intelligence. Together, these mechanisms can render a verdict of infection regardless of threat vector, operating system or device.