Oversight is the autonomous Cyber Threat Intelligence System for the Tholian Network.
Tholian Oversight is a management system that takes care of the maintenance of installed software and dependencies, while understanding the relations between networked infrastructure and their vulnerabilities. It automatically observes the web for relevant threats and vulnerabilities on social media and knows when to automatically quarantine and update or isolate and defend your infrastructure.
The focus of Oversight is on increasing the efficiency in Incident Response Management, and to help Blueteams mitigate potential damages during an attack as quickly and as automated as possible. As all of our products use our dedicated Peer-to-Peer networking technology, Oversight features a lot of strategical advantages compared to other Cyber Security products.
Automated Software Inventory
Whenever you need a detailed list of your software inventory, Tholian Oversight has got you covered, because
it analyzes installed software packages, running network services, and their signatures on all your infrastructure
Disciple peer-to-peer endpoint security client automatically reports changes in software,
its libraries, or network behaviours back to the Oversight dashboard.
Automated Security Compliance
Tholian Oversight manages a full inventory of your used software, and maintains a complete software bill of materials. Its workflow is in compliance with the certifiable standards, like the ISO 27001, ISO 27033, UN Regulation 155 and UN Regulation 156.
Automated Damage Control and Quarantine
Whenever a dangerous Cyber Threat occurs, Tholian Oversight is able to quarantine and isolate potentially affected machines from the rest of the network. All Disciple instances are able to communicate network traffic anomalies with each other, which means that changes in network traffic behaviour of potentially infected instances are isolated automatically on a network level.
Automated Cyber Threat Intelligence
Observations of social media are correlated with known CVE entries for affected software, which means that zero days can be caught while they're being developed by communities in underground forums, chats, and politically motivated imageboards.
Automated Incident Responses
Tired of the SOC being always to late to investigate? Tholian Oversight has a Remote Control mode for Smartphones that allows the Blueteam to directly quarantine and isolate networked machines automatically when an incident occurs. This allows to respond literally while the attack is being detected. There's also a high risk mode, which allows Tholian Oversight to automatically quarantine instances when an attack is being detected.
Features in a nutshell:
- Automated maintenance of a software bill of materials.
- Automated maintenance of all networked systems inside your infrastructure.
- Automated observation of social media and underground forums for specific threats that could target your organization.
- Automated notifications of the SOC staff members when potential Threats are emerging.
- Automated quarantine of vulnerable systems while they're being attacked, and remotely via the press of a single button.
- Automated damage control and isolation of infiltrated systems via a unique peer-to-peer Firewall concept.
- Smartphone-compatible Dashboard that allows to remotely manage your infrastructure.