DATASHEET Fidelis XPS™ Detect, investigate and stop advanced attackers across every stage of the attack lifecycle. Never miss a critical attack. Organizations invest millions to build secure networks to keep highly motivated attackers out of their enterprises. Despite these investments, determined attackers routinely compromise seemingly secure organizations and steal their intellectual property, private data and financial information. Analysts in security operations centers (SOCs) and security teams are overwhelmed by alerts. As a result they often miss the most critical attacks or detect them long after vital data has been stolen. Highlights Detect the Undetectable. Fidelis XPS’ unique patent-pending metadata capture, storage and automated security analytics accelerates your ability to detect and analyze advanced targeted attacks that use commodity malware, advanced malware, exploits and command and control. Real-Time and Historical Analysis in a Single Interface. Combine deep content analysis with historical analytics and the ability to investigate past events with rules written specifically by the Fidelis Threat Research Team, so you can quickly detect threats in your environment. Analyze traffic as deep as attackers hide. Identify their tools, tactics and behavior so you can quickly investigate and prevent data theft. Product Overview Fidelis XPS™ equips security-conscious organizations to confidently detect, investigate and stop advanced attackers at every stage of the attack lifecycle. It analyzes all of your organization’s network traffic at multi-gigabit speeds and detects the tools and tactics of advanced attackers that routinely bypass other network security systems. With Fidelis XPS you get the visibility, context and speed required to identify threats and ensure data theft never happens. Detect Attacks Other Solutions Miss. In addition to advanced malware, exploits and command and control activity, Fidelis XPS identifies attacker behavior including lateral movement and the staging of data for exfiltration. u Context + Content. The Deep Session Inspection® engine generates protocol, application and content-level metadata that provides a level of context that other solutions can’t match. Expand your detection surface by applying intelligence at multiple levels of the content structure. Complete Network Solution. Fidelis XPS offers a suite of tightly integrated capabilities including malware analysis, advanced threat detection, network forensics, data loss prevention (DLP), and security analytics. Speed and Scalability. Support deep session inspection at multigigabit speeds and receive critical information within moments so you can identify active threats in any size environment. Identify and Stop Targeted Attacks Just as They are Beginning. Quickly identify malicious behavior—including command and control activity and lateral movement­—and halt data loss before it begins. u Correlate Seemingly Unrelated Network Activity and Behavior. Correlate and validate threats generated by seemingly unrelated network behavior by applying automated hunting and security analytics to retrospective metadata gathered on every network session. u Reduce Time to Detect and Resolve Incidents. Quickly receive relevant information, apply threat intelligence to network data, and enable security analysts to move, within moments, from alert to investigation - all within a single interface. u Fidelis has one of the strongest content inspection and network throughput capabilities available. - Gartner, Inc., Magic Quadrant for Content-Aware Data Loss Prevention, January 3, 2013 WWW.FIDELISSECURITY.COM Detect attacks other network security solutions miss with our Deep Session Inspection engine and visibility across all ports and protocols. Capabilities Accelerate Investigation Cycles. Simplify the most time consuming investigative task—gathering data—and make it much easier to get to the bottom of what is happening so your experts can focus on what’s important. u Detection at Every Stage of the Attack Lifecycle. Detect attackers at every stage of the attack lifecycle including when they move laterally, establish command and control footholds and prepare to steal data. u Visibility Across All Ports and Protocols. See into network traffic on all ports and protocols, including misuse of protocols and services on non-standard ports. Additionally, by storing network metadata on all sessions inspected by XPS, you can go back in time and reconstruct the attackers’ footprints. u Deep Session Inspection®. Decode and analyze content in real-time, no matter how deeply embedded it is. The Deep Session Inspection engine sees every single packet that traverses the network, reassembles those packets into session buffers in RAM, and recursively decodes and analyzes the protocols, applications and content objects in those session buffers in real-time - while the sessions are occurring. This allows XPS to “see deeper” into applications and, in particular, the content that’s flowing over the network. u Pivot directly from real-time detection to investigation and action within a single solution. Fidelis’ continued focus on network-based data loss prevention, combined with its ATD capabilities, is an attractive option, and one that clearly differentiates it from competitor STAP solutions. - IDC, Combined Endpoint and Network Visibility Vital to Combating Advanced Threats, August 2015 Detect and Investigate Retrospectively. Investigate what attackers have done in the past. By collecting and storing rich content-level metadata from both the network and the endpoint, XPS provides a lighter, faster and less expensive way to analyze historical data. u Stop Attackers on the Network. Identify an attacker or insider threat that is active on your network and unilaterally block unauthorized transfers of information in real-time, across all ports and protocols, without depending on 3rd-party proxies. u Benefits Reduce Theft of Assets & IP Reduce Overall Cost of Response Lower Disruption to Business Mitigate Risk to Reputation/Integrity CONTACT US TODAY TO LEARN MORE ABOUT FIDELIS Fidelis Cybersecurity 800.652.4020 info@fidelissecurity.com ©Fidelis Cybersecurity DS_Fidelis_XPS_1509 WWW.FIDELISSECURITY.COM