What makes empow different?

empow’s solutions are based on proprietary technologies – backed by 16 patents
– which enable organizations to implement a uniquely effective, automated
security platform.

empow’s solutions – the i-COR analytics engine, i-SIEM and i-XDR –
offer the capabilities described below.

Predictive Response = Prevention

At the heart of all of empow’s platforms is the i-COR analytics correlation engine.
Based on proprietary AI and Natural Language Processing (NLP) algorithms
(backed by 16 patents), this technology autonomously interprets the intent
behind each piece of data that the existing network infrastructure generates and
identifies whether these pieces form a real attack “story” against the
organization. Belief & Bayesian technology is then used to correlate the evidence,
predict the attacker’s next steps, or “intent”, and alert on future
attacks before they occur.

It Works for

Ransomware

Financial data-leak

Privilege escalation

Insider threat

Intelligence gathering

Personal data-leak

An Adaptive Security Platform

empow’s adaptive security platform sits on top of the network infrastructure and
actualizes the intent-based security language by translating targeted defense
strategies (Security Apps) into coordination instructions for detection,
investigation and response according to each Security App. The Platform
effectively implements and executes these throughout the organization’s existing
security tools and network infrastructure, while continuously measuring the
security system and the effectiveness of its tools.

How It Works

empow’s i-SIEM solution is made possible by its proprietary AI technologies,
which are strategically integrated into the following process:


Defense Strategies

Our security platform has predefined security applications,
all of which are customizable.

Privilege escalation

Identifies and blocks campaigns that try to gain admin privileges in order to conduct a range of attack types on the organization.

Spear phishing

Mitigates e-mail spoofing fraud campaigns that target individual users and result in theft of confidential user information and more.

Intelligence gathering

A generic application that identifies and mitigates intelligence gathering attack vectors, including incidents that can evolve into actual attacks.

Financial data leak

Detects, investigates and prioritizes real data leak attack campaigns.

Ransomware

Detects, investigates and prioritizes real attack campaigns that try to break into data services that store sensitive information and encrypt it for ransom purposes.

Insider threat

Detects, investigates and prioritizes real attack campaigns that involve insiders engaged in abnormal traffic and user behavior activities.

Integration with Elastic

Elasticsearch, Logstash, and Kibana

empow is the only SIEM company with which Elastic – the leading data search
company – has an OEM partnership. Our partnership makes sure that your NG SIEM
includes the fully supported Elastic Platinum node components as part of the
empow solution. Our automation engines are tightly integrated with these
technologies and packaged with the empow solution for easy deployment and
ongoing operations.

UEBA & NTA Engines

empow’s solutions come with out-of-the-box User Entity Behavioral Analytics (UEBA)
and Network Traffic Analysis (NTA) engines that learn and profile the normal
behavior patterns of users, use cases and traffic, and detect anomalies based on
deviations from these patterns.

These engines add an important layer of detection:

  • They spot suspicious and abnormal behaviors that indicate an attacker is
    already in the environment or a bad insider is active – behaviors otherwise
    missed by signature-based or heuristics tools and static SIEM rules based on
    thresholds.
  • They identify a critical visibility gap, where most organizations only deploy
    perimeter and host-based tools, leaving their internal networks, cloud and
    user activity unmonitored.
  • They can help triage, confirm and complete attack stories by discovering
    additional attacker steps along the cyber kill chain.

Providing these as integrated, out-of-the-box detection capabilities enables
empow to correlate network and user behavior-based anomalies with 3rd party
security alerts from other data sources as well as the organization’s identity
management information. This provides a wider context for decisions and removes
false positives and noise from the entire cyber security system.

EDR - Endpoint Detection and Response*

empow’s EDR agent is based on the Elastic agent, which supports malware
prevention, exploit detection, unusual processes, user and admin activities,
operational disruption, misuse of network protocols and rich host telemetry
collection. The agent includes DLL and driver load, process status change,
registry, files, DNS, network and security events. Detections are based on
machine learning and rules, which are customizable.

* EDR is available only in the i-XDR solution.

SOAR - Security Orchestration, Automation and Response*

SOAR – or predictive response – capabilities are enabled by empow’s unique
automated technologies, which automate classification and prioritization of threats
and remediation processes. 16 patents form the basis for these capabilities,
utilizing a number of technology approaches including Artificial Intelligence (AI),
Natural Language Processing (NLP) and Belief and Bayesian Networks (BBN)
algorithms, reinforced with User Entity Behavioral Analytics (UEBA), Network Traffic
Analysis (NTA), and Threat Intelligence (TI) engines. Together these algorithms and
technologies enable i-XDR to find attacker “intent” before the full attack is carried
out, and to adaptively create a response playbook that includes investigation and
remediation as well as predictive response actions to prevent the threat.

* SOAR is available only in the i-XDR solution.

empow’s SOAR presents the analysts with adaptive and predictive playbooks, as
shown in the dashboard screen below:

Monitoring, Reporting and Alerts

empow’s solutions provide visibility into the security and health status of the
organization’s entire security platform through a display of statistics of the IT
security infrastructure and alerting on any operational issues.
empow’s pre-defined and customized dashboards and alerts allow notification to
3rd party security operation systems, including ticketing and case management
tools.

Request a SaaS Trial
empow provides a cloud-based 14-day trial with your data, so you can experience the technology and its benefits first-hand.