Real-time protection from every known threat
Integrating more than 4 billion usable indicators of compromise every day, in real-time, to protect your business.
"It's eliminated all of the standard attacks, I haven't received an alert from the firewall in more than 10 days."
CAA, North and East Ontario
FREQUENTLY ASKED QUESTIONS
CleanINTERNET® is an intelligence-powered security solution using high performance computing technology, patented software algorithms and uniquely skilled security analysts to deliver a robust alternative protection strategy at significantly lower cost. CleanINTERNET® presents an alternative approach to cybersecurity, putting threat intelligence at the forefront, moving from reactive to proactive defense, and helping security teams be more efficient and effective.
- Scale. To leverage all available data for indicators of compromise (IOCs) it requires far more processing power than is technologically possible. Firewalls can handle less than 1% of currently available high fidelity intelligence. Our Threat Intelligence Gateway, the RuleGate®, employs thousands of feeds constituting billions of risk normalized IOCs.
- Dynamics. The power of intelligence is keeping up with the real time threat environment. This means aggregating, deduplicating and validating millions of IOCs every day as they emerge in real-time. Centripetal’s intelligence continuously updates with no loss of service or protection.
- Context. Intelligence operations are not blunt blacklisting, context matters. This means every in-network action must also collect extensive meta-data to make risk-based analysis possible. As events are observed, Centripetal builds a meta-data record for every event capturing all observable risk factors in the traffic and pairing them with risk factors in the intelligence. We then record the full transaction for later forensics and correlate session and flow information. Our systems score and process all of the collected events in real time using artificial intelligence technologies and then dynamically alert our human intelligence operations analysts.
An Intrusion Detection System (IDS) uses signature-based detection to identify malware on the wire. It can trigger a security incident and can be an important indicator of an attack in progress. An Intrusion Protection System (IPS) sits inline in the network and can block the attack at point of ingress. However, most IPS systems are not sufficiently powered to be able to handle a full network load without introducing latency.
CleanINTERNET® uses IDS functionality to perform a secondary inspection on traffic deemed suspicious, but not necessarily shielded initially. This can be used to provide immediate feedback to the user and to intelligence analysts, indicating that the traffic is in fact malicious and should be shielded. Immediate changes to the policy can then be applied.