We focus on on device behaviour, but with a key difference.
RazorSecure uses true anomaly detection to identify attacks. We approach from the knowledge that attack behaviour can and will always change over time. Whereas "what is normal" for a device should never change.
Detecting attacks is all about visibility, our approach gives a clear baseline and we only alert when there is a real change to an asset/network. Leading to fewer false positives and stability across the life of the asset
"Security vulnerabilities exist in the most unlikely places throughout all transports networks. They are characterised by weakness. Attacks on 'non-critical' networks, such as passenger wifi, may seem inconvenient but they can be a path to much greater access for the hacker."
Alex Cowan, CEO for RazorSecure
You can’t protect
what you don’t know about
Assets are discovered using the RazorSecure software across devices and network segments that our software is monitoring. We provide visibility into the type of device, manufacturer, IP addresses and can provide insight into logs and SNMP monitoring.
Network Mapping and Discovery
Visualise your network and detect key behavioural differences
Combined with asset discovery, we provide the ability to baseline and monitor network devices and connectivity between those devices. This gives you the ability to detect key differences in the network and traffic between devices.
Detect device and network intrusions in real time
When integrated into a key device, RazorSecure Delta provides visibility and detection of processes, critical files, network traffic, installed software and more. Combined with our decision making software and machine learning, this gives you industry leading intrusion detection.
For situations that need extra visibility beyond the network
RazorSecure Delta learns what is normal by looking at processes, configuration, hardware, listening network ports, network traffic and system logs to build a baseline of normal behaviour. We then apply our anomaly detection to detect key changes in behaviour and the opportunity to autonomously respond to attacks in real time.
Detecting the true security and operational unknowns
RazorSecure’s machine learning focuses on detecting changes in behaviour giving you visibility into both security and operational anomalies. As attacks become more customised, this technology becomes important for detection of new attacks especially in environments that cannot be updated with new signatures.
Open Data Integration
Enrich your data with an integrated single point of truth
Data from the RazorSecure platform can also be integrated into other leading SIEMs via Common Event Format (CEF) feeds and REST APIs. RazorSecure also offers a full monitoring service, currently protecting major transport operators in the UK and USA.
Alerts and Reporting
Monitor performance without excessive false positives
Developed with leading transport operators to ensure clear, consistent reporting of your connected assets. It provides a single pane of glass for monitoring your assets, with clear, human readable alerting and management of the RazorSecure baseline models.
Security Framework Compliance
NIS, NIST and CELENEC compliance made easy
RazorSecure works with standards bodies and developers of cyber security frameworks. We ensure that our software helps meet key requirements under asset discovery, log aggregation, intrusion and anomaly detection. Most importantly we do this in a way that is easy to use and manage over the life of the asset.
An adaptable solution for even the most challenging environments
We understand that each customer has different requirements, we offer a flexible, hybrid approach to protecting key devices and the network itself. We can deploy our solution via software, virtual machine or hardware allowing us to protect the most challenging customer environments.