Gatewatcher AionIQ

This pack provides integration with the Gatewatcher NDR solution, AIonIQ.

This pack provides automatic integration with the Gatewatcher NDR solution, AIonIQ.

Gatewatcher is a leader in the Network Detection and Response (NDR) market.

AIonIQ optimizes threat detection and incident response in real time, based on internal and public network flows. In a single pane of glass, it gives SOC experts a complete view of malicious threat activity on their network, based on a consolidated risk score.

It combines multiple automated engines that apply behavioral analytics. The main engines are based on supervised machine learning (ML) and are oriented toward threat detection use cases, for example:

  • Identify suspicious 0-day activities on the network,
  • Post-breach investigation and research, such as ransomware,
  • Hunt insider threats,
  • Detect possible lateral movements even if raw network packets are encrypted,
  • Spot shadow IT

It also triggers alerts based on rules and signatures to spot anomalies. To complete its detection mechanisms, AIonIQ also provides file analysis to inspect malicious code execution. Every engine and all metadata are enriched with internal Threat Intelligence capabilities.

With this pack, end users can easily and quickly integrate AIonIQ with their own ecosystem and organization to automate and accelerate security incident management, for example:

  • Pushing alert notifications with all AIonIQ enrichment to the right internal SOC team
  • Collecting additional information to enrich AIonIQ events
  • Automatically engaging mitigation based on AIonIQ outcomes

All Gatewatcher products are reachable through API integration, and all features are available. Gatewatcher will continue to evolve in this direction, adding new capabilities to this pack in the future.

PUBLISHER

PLATFORMS

Cortex XSOAR, Cortex XSIAM

INFO

Supported By: Partner
Created: October 23, 2022
Last Release: May 29, 2024
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.