Malicious Infrastructure
Predict, Identify, & Track

Block threats before impact and future-proof your security operations

Adversaries shift infrastructure constantly to evade detection.

Monitor threat actors in real time

automate watchlists

save custom queries

seamlessly integrate APIs

Use Modat Magnify to Expose Hidden Infrastructure

Leveraging the Largest Internet Device DNA Dataset Available

‘Device DNA’ Tags reveal the critical identity of any device for precise detection, tracking, and analysis. How? They uniquely map the world’s most used products, technologies, OS, and even malicious infrastructure for deeper profiling. Our patent-pending AI Clustering model groups scanned data with in-house tech to deliver richer context for the findings.

Immediate Identification

‘Device DNA’ Tag: Malicious

Faster recognition of confirmed malicious infrastructure. The platform matches newly observed infrastructure, such as domains, IPs, SSL certificates, and servers, against previously validated adversary signatures. Bad actors are flagged more quickly, which reduces manual effort and improves SOC team workflows. Faster recognition also helps analysts distinguish malicious infrastructure from non-threatening anomalies, so there is no impact on what is operating well.

Prioritized Response

Respond to high-risk threats first. Tagging the infrastructure improves alerts without disrupting workflow. This prioritization lets security teams allocate resources accurately to the highest-risk threats first, without having to filter through all the noise. API integrations add efficiency and help reduce overall response time.

Preventative Blocking

Stop attacks before exploitation, infiltration, or loss of data. Defense systems can be updated quickly to block connections before bad actors can exploit vulnerabilities. This enables a significant shift toward a more resilient, proactive prevention posture rather than one that is only strong on defense. Block communication channels to command and control (C2) servers, protect endpoints, and get ahead of infiltration or an attack.

Detection & Blocking

More visibility & ability to identify stealthy C2 channels.

The platform leverages unique identifiers linked to infrastructure attributes such as domains, certificates, and communication styles and patterns. It then reveals C2 servers that may otherwise appear as normal traffic. Once these are detected, the C2 Tag helps expand visibility. Block active channels to cut off adversary control before data can be extracted, and prevent compromise.

‘Device DNA’ Tag: C2

Response & Hunting

Pivoting & enrichment for deeper intel. Insight into C2 findings can act as a pivot point and lead to more in-depth research. Cybersecurity analysts can track and trace relationships between the C2 infrastructure and connected IPs, domains, and malware families to get an expanded view of a situation. Improve proactive adversary disruption: uncover related campaigns, enhance investigations, and identify malicious behavior before an attack.

Finding C2 Tagged Hosts

Operational enforcement & scaled prevention. The platform provides exported lists of hosts flagged with a C2 tag. These integrate seamlessly with enterprise security controls, allowing tagged hosts to be blocked at firewalls and isolated in EDR. They can also be prevented from being routed through proxies, cutting off connections to malicious infrastructure. Operationalizing this data helps you better enforce security policies, stop infections from communicating with their controllers, and reduce the risk of data theft or attack.

Best Data Coverage

Extensive Data Coverage

Pivot across data points to build custom queries and improve visibility. Comprehensive coverage means all relevant data points, such as IPs, domains, technologies, and geolocations, can be interconnected. Analysts can pivot seamlessly between related attributes, uncovering relationships that would otherwise remain hidden. This gives them more flexibility to explore infrastructure at scale and to build highly targeted searches that expose adversary markers across the attack surface relevant to their organization.

Run Your Own Queries

Leverage your intel to create context relevant for you. Get access to limitless direct custom queries so you can rely on your own intel. Use your own information and intelligence from previous IOCs and campaigns to search within the largest device DNA dataset available for relevant and precise matches. Cross-reference internal intel with external data for robust, unique, and specific insights. Teams can more quickly validate hypotheses, investigate suspicious patterns, and gain threat intelligence with findings tailored to their organization’s specific risk.

Identify & Predict

Extensive coverage also enables continuous monitoring of adversary activity. By tracking their infrastructure over time, analysts can better predict intent and anticipate upcoming malicious campaigns. This forward-looking visibility transforms data into predictive intelligence, giving insight into threat actor actions today and what their next moves may be. This increases the opportunity for proactive risk reduction in addition to reactive defense.

Tailored to Meet Customized Needs

Threat Intel

CSIRT/CERT

MSSP

Enterprise

Despite extensive time spent on security, threat actors are still finding a way in

Attackers are moving faster than defenses can keep up.

10K+

‘Device DNA’ Profiles. Uniquely mapping the world's most used products, technologies, OS including IoT, OT and malicious

24-7

Scanning.

Always-on. Scanning the entire internet continuously

50+

Data Categories.

Save time with cluster-specific context tags like Healthcare, ICS, SCADA, malicious, C2, access management

Our partnership with Modat strengthens our in-house expertise, creating a synergy that enhances both organizations

Michel Mollema - CTI Lead at Northwave Cyber Security
