Threat actors often modify their tactics, or the tools they use to attack, but their techniques, or methods, have a...
Built on the patented Deep Session Inspection® architecture, Fidelis XPS™ is able to understand the context of data flowing into and throughout a particular network being protected, and any unauthorized data exiting the network can be identified and prevented from ever leaving. Unlike other providers who purchase document cracking and content analysis components from third parties, Fidelis XPS has been architected from the ground-up to see, study, and stop advanced threats.
Deep Session Inspection employs a unique five-step process to analyze network traffic – providing the visibility, analysis, and control options necessary to prevent data breaches. Combining accuracy with speed, the steps are executed in memory (not on disk) so advanced threats and data theft can be prevented in real time.
Step 1. Packet Capture: Packets are captured flowing across the network either out-of-band or inline on the network.
Step 2. Session Reassembly: Session packets are reassembled in memory into sessions in order to conduct deep session and payload inspection.
Step 3. Channel Control: Channels are analyzed and usage policies are automatically executed, enabling an organization to see and control what is occurring across the network and detect and contain traffic that creates significant data theft risk.
Step 4. Payload Decoding: Sessions are analyzed for document type rules and the content inside the documents is exposed for analysis.
Step 5. Content Recognition and Analysis: Critical or sensitive information is identified (based on characteristics) by sophisticated statistical and pattern-recognition content analyzers.