Sniffa Network Security Solutions

Expose The Threats That Others Can't See

INTRUSION DETECTION SYSTEMS AND CLEAR NETWORK EVIDENCE FOR THE ULTIMATE IN THREAT VISIBLITY

Clear Network Evidence for Faster Investigations 

Correlating intrusion detection alerts with clear network evidence, will significantly reduce the time to detect attackers on your networks

Sniffa Network Security Solutions combine the alerts received from open-source Snort and Suricata intrusion detection systems (IDS) with the high-fidelity network transaction logs from open-source Zeek and full packet captures from Wireshark, to produce comprehensive network traffic evidence that far surpasses that gathered by traditional network visibility tools and NetFlow collectors.


Our centralised sensor management applications present that network traffic evidence to your SOC Analysts in a way that makes threat hunting more efficient, as well as integrating with SIEM applications such as Splunk for rapid pivoting and log correlation.


Correlating alerts from your IDS with contextualised network traffic evidence, makes detecting and responding to cyber attacks far simpler and will allow your cyber security engineers to significantly reduce the time to detect attackers operating on your networks.

Don't be blind to attackers operating on your networks

Extensive Visibility straight out of the box

  • Alert on indicators of compromise (IOC)
  • Seek out malicious file downloads
  • Monitor web servers for injection attacks
  • Detect rogue DNS and DHCP servers
  • Fingerprint encrypted connections (JA3 & JA3S)
  • Correlate contextual network traffic evidence
  • Filter accross connections, services and protocols
  • Streamline IOC & hypothesis based threat hunting
  • Identify the early stages of ransomware attacks
  • Spot malware C2 traffic leaving your networks
  • Recognise lateral movement inside your networks
  • Discover bad or expired X509 certificates
  • Detect data exfiltration from your networks
  • Alert on new or anomalous network behaviours
  • Pivot from IDS alert to packet capture (PCAP)
  • Produce network reports in PDF, Excel and Word format

Sensors tailored for your Environment

SNIFFA

MULTI-CLOUD


Centrally Managed

Intrusion Detection &

Network Traffic Analysis

for the

Cloud Customer (IaaS)

Private, Public and Multi-Cloud Networks.

SNIFFA

WHITEBOX V-CPE


Centrally Managed

Intrusion Detection &

Network Traffic Analysis

for the

Service Provider

Virtual Customer Premises Equipment

SNIFFA

VIRTUAL DATACENTER


Centrally Managed

Intrusion Detection &

Network Traffic Analysis

for the

Service Provider

Virtual Datacenter and

SD-WAN

SNIFFA

ON PREMISES


Centrally Managed

Intrusion Detection &

Network Traffic Analysis

for the

Enterprise, SMB & SOHO

On Premises Networks and

Branch Offices

Monitor & Detect on line rates up to 100G

Hosting your remote Sniffa Sensors on our partner packet broker appliances will promptly increase your network intrusion detection capability to line rates of

up to 10, 20 and 100 Gigabits per second (Gbit/s).

Overview of Sniffa NDR Applications

Get in touch and try our Software

You can download and install the Sniffa Sensor Manager Application Free for 7 days.


The Sensor Manager Application will install onto any currently supported Microsoft Windows Operating System and is used to centrally manage multiple open-source Zeek, Snort and Suricata sensors deployed on your network.


A Trial Licence allows you to manage up to 2 Sensors in the cloud or on premises for  7 days.


Boost your Threat Hunting Effectiveness and expose the threats that others can't find.

unsplash