next gen secure infrastructure + 24/7 MANAGED SECURITY SERVICES
focus on your business. we will protect it 24/7.
Enterprise-grade security tools and counterintelligence experts join to deliver US CYBER VAULT: affordable, effective, per-user cyber protection, managed 24/7/365 by the private sector's only cyber counterintelligence team. Deploy the team and tools you need in days rather than months or years. Let your IT innovate with projects that move your bottom line. You're in a cyber war and need the vigilant and relentless defense of US CYBER VAULT.
relentless defenders with teeth.
Extend your team with the private sector's only cyber counterintelligence team. By having the best good guys on your side, threats are found faster and bad guys are stopped in their tracks and held accountable for their actions. We work hand-in-hand with state and federal agencies to prosecute attackers in the US and extradite those outside our borders.
trustworthy layered defense.
US CYBER VAULT delivers industry leading next-generation security tools managed by counterintelligence experts. We are vendor agnostic and choose only the best layers of defense for you: DDoS, NextGen firewalls, WAF, advanced malware protection, IPS/IDS, DLP, SIEM, SOC, endpoint, anomaly alerting, and log analysis. Explore the layers of defense in more detail below.
US CYBER VAULT - LAYERS OF DEFENSE
Distributed Denial of Service (DDoS) Protection
Protect business continuity and availability from the growing constellation of DDoS attacks and other advanced threats
- 1 TBps DDoS protection from active botnets, volumetric, state-exhaustion and application-layer DDoS attacks
- SSL Decryption - Stop DDoS attacks hidden in encrypted traffic; DDoS protection from active DDoS campaigns based on IP reputation
- Stop in-bound DDoS attacks and out-bound malicious activity from compromised internal hosts
- Advanced web crawler service, GeoIP tracking, stop both IPv4 and IPv6 attacks
- Domain and IP reputation - Block threats by connecting with cloud-based DDoS services, automatically alerting upstream service providers when larger attacks threaten availability
- Intelligence Feed - Protection is continuously armed with the latest global threat intelligence from the Security & Engineering Response Team (SERT)
Next Generation Firewalls
Safely enable applications and protect your network from advanced cyber attacks
- Single-class traffic classification mechanism natively inspects all traffic - across applications, threats, and content - and ties the traffic to the user in order to align your network security posture with key business initiatives
- Protect your network and security policies based on application identity - irrespective of port, protocol, SSL encryption, or evasive tactics
- Inspects the application stream to prevent viruses, vulnerability exploits, botnets and spyware, and advanced persistent threats from reaching your network
- Map applications to the user identity for more granular visibility, policy control, forensics, and reporting
Web Application Firewalls (WAF)
Block web application attacks, remain compliant, and keep your web properties highly available
- Hybrid security model - To defeat new, unpublished exploits, a positive-model policy engine that understands permissible user-app interactions automatically blocks all traffic falling outside this scope. As a complement, a negative model engine uses attack signatures to guard against known threats to applications.
- XML protection - US Cyber Vault AppFirewall not only blocks common threats that can be adapted for attacking XML-based apps (e.g., cross-site scripting, command injection), but also incorporates a rich set of XML-specific protections, including comprehensive schema validation and the ability to thwart related application-layer DoS attacks (e.g., excessive recursion).
- Advanced protection for dynamic elements - Multiple, session-aware protections secure dynamic application elements such as cookies, form fields and session-specific URLs, thereby thwarting attacks that target the trust relationship between client and server (e.g., cross-site request forgery).
- Tailored security policies - An advanced learning engine automatically determines the expected behavior of enterprise web applications and generates human-readable policy recommendations. Administrators can then tailor the security policy to the unique requirements of each application to avoid false-positive detection events.
- Ensured compliance - US Cyber Vault AppFirewall is ICSA Certified and enables enterprises to comply with data security mandates such as the PCI DSS v3.1, which explicitly encourages the use of WAFs for public-facing applications that handle credit card information. Detailed reports can be generated to document all protections defined in the firewall policy that pertain to PCI mandates.
- Zero-compromise performance - The industry’s highest-performing web application security solution delivers 12+ Gbps of comprehensive protection without degrading application response times. The net result is an ideal solution that delivers unparalleled web protection along with a high-definition application experience for today’s demanding users.
Advanced Malware Protection
Implement proven network security for known and unknown threats
- Analyze more than 80,000 events each second across multiple virtualized environments to detect known, unknown, and multi-vector attacks commonly missed by firewalls, AV software, IPS, and traditional sandboxes
- Enable wire speed protection scaling up to 4 gigabytes per second (Gbps)
- Minimize duplicate and false-positive alerts generated by traditional IPS and riskware products, reducing operational overhead
- Access US Cyber Vault's global intelligence sharing network to prioritize alerts and direct loss-mitigating responses
- Department of Homeland Security SAFETY Act certified
Intrusion Prevention & Detection System (IPS/IDS)
Next generation intrusion prevention and detection delivers better network protection from today's cyber threats
- Quickly identify devices operating outside of normal standard operating procedures, including detection of which software packages are being used to generate the traffic
- Highlight applications running on your network and the protected users running them, controlling which applications are allowed and which are not - by whom and to what level
- Gather identity information for the devices and applications attached to your network as well as the traffic transmitted, aligning with databases including Microsoft Active Directory and LDAP
- Establish and monitor the baseline behavior for your network's devices to quickly flag and mitigate anything that violates pre-established policy such as bandwidth consumption and performance degradation
- Respond to events as they occur based on pre-established cyber security policies to mitigate data loss quickly
- Tune US Cyber Vault based on information gathered in order to optimize counterintelligence
Data Loss Prevention (DLP)
Identify risky network behavior and dangerous protocols quickly to mitigate data loss at the network layer, minimizing disruption to your business.
- US Cyber Vault stops unauthorized network traffic based on content, application, or protocol controls to prevent data loss in real time – even on high-speed networks
- Inspect all traffic – including attachments and compressed files – across all 65,535 ports without sampling
- Identify critical types of sensitive information - including PII, credit card data, source code, ePHI, classified data - to help protect your digital assets
- Quarantine unencrypted emails or redirect them to an encryption solution before they leave your network
- Manage use of high-risk Web applications by monitoring email, Webmail, instant messaging, file transfers, telnet, peer-to-peer networks, and more
Security Incident Event Management (SIEM)
Fully integrated SIEM and log management gives your team complete security visibility into your entire US Cyber Vault environment from a single pane of glass.
- US Cyber Vault’s SIEM has all the security capabilities you need plus a centralized alarm dashboard that utilizes the Kill Chain Priority to focus attention on the most important threats.
- It breaks attacks out into five threat categories that help US Cyber Vault understand attack intent and threat severity, based on how they're interacting with your secure environment.
- Search - See events stored in the database, filter for more granular data, and sort by event name, IP address and more.
- Inspect - Use integrated packet capture functionality to capture interesting traffic for offline analysis.
- Vulnerabilities - Identify whether an attack is relevant by correlating reported vulnerabilities with malicious traffic.
- Logs - Search for any raw logs that are related to activity reported by an alarm. Raw logs are digitally signed for evidentiary purposes. You can also filter by time range and search pattern and export raw logs as a text file.
Your endpoints are under attack. Defend them now with next-gen antivirus and activity recording for all your endpoints.
- Comprehensive OS coverage (Windows, Linux, Mac)
- Any infrastructure at scale - cloud, on-premises, 1M endpoints
- Protect: POS, ATM, ICS, applications, workstations, servers, datacenters
- US Cyber Vault's next-generation antivirus defends against malware that exploits memory, PowerShell and other scripting languages.
- Continuously record and centralize all endpoint activity giving the IRT real-time attack intel to greatly reduce dwell time and damage to your brand.