+852 - 2155 8000

info@dbtronix.com.hk

  1. Home
  2. /
  3. EDGE

+852 - 2155 8000

info@dbtronix.com.hk

  1. Home
  2. /
  3. EDGE

EDGE

Stop Intrusion & Data Exfiltration

Edge combines data access with network activity to detect threats with a high signal-to-noise ratio. From APT intrusions to data exfiltration, Edge expands your field of vision.

Download Datasheet

Catch more threats, without more work

Edge completes the picture by analyzing perimeter activity from VPN, DNS, and web proxy in context with data, email, and Active Directory behavior. Our threat models continually learn and adapt to behaviors specific to your organization.

Expand your detection window

Attackers hope to evade detection by blending into your noisy network. But DBTRONIX knows your organization better than your adversary. Our machine learning understands what’s normal and alerts you to what isn’t—for every user and device—from the inside out.

Data

  • Insider threats
  • Ransomware
  • APTs & malware

Email

  • Phishing
  • Infected attachments
  • Data exfiltration

Active Directory

  • Recon
  • Lateral movement
  • Privilege escalation

Edge

  • Brute force
  • Command & control
  • Data exfiltration

“In terms of solutions, DBTRONIX Edge was our MVP. Edge directed us to the computers with suspicious DNS requests, correlated them with specific users, and showed us the addresses we needed to block.”

Threat hunt like a pro

Easily hunt for threats or flag policy violations like connections to known C2 domains or large uploads to web-based email sites. Automatically surface relevant events for further investigation. You can even build and save your own queries to jumpstart investigations.

Event logs never looked this good

Logs from network devices are noisy, out-of-order, and each device type and vendor writes logs in their own way. DBTRONIX doesn’t just copy raw logs—we give you clean, human-readable events enriched with valuable context like URL reputation, account type, and data sensitivity.

Keep tabs on your personal data inventory

Keep a pulse on how much data you’ve indexed and any failed documents so that you always know the scope of your searches.

Avoid volume-based pricing

Ingest as much data as you need. Our fair pricing model protects you from big bills when network traffic surges.

Get fewer alerts, more answers

Turn billions of events into a handful of meaningful alerts with behavior-based detection, not clunky SIEM rules.

Investigate on your terms

Send alerts into your SIEM or investigate natively with our fast and powerful forensics tools.

Real-time awareness of your top remote work risks

Visualize and report on indicators of compromise hiding in your network traffic.

Quick & conclusive investigations

When investigating an incident, it’s crucial to be able to quickly answer “Was any data stolen?” Pivot from suspicious perimeter activity to sensitive data access in seconds, without hopping between disparate tools and logs.

Filter suspicious events from any source

Isolate the top-offending user or device with one click

Easily answer “what data did they access?”

Resources from our world-class research team

Webinar

5 Ways Hackers are Exploiting Remote Workforces

Read More E

Threat Research

DBTRONIX Exposes Global Cyber Campaign: C2 Server Actively Compromising Thousands of Victims

Read More E

Free Trial

Start a free trial of DBTRONIX Edge

Contact Us E

Frequently Asked

Questions

Which VPN vendors does Edge support?

CheckPoint, Cisco, F5, Fortinet, Palo Alto, Pulse Secure

Which web proxies does Edge support?

Apache, Cisco (IronPort), Forcepoint (WebSense), McAfee, Palo Alto, Squid, Symantec (Bluecoat), Zscaler

Which DNS does Edge support?

Microsoft DNS, Infoblox

How does Edge collect events?

Edge can collect events directly from the source devices using Syslog, or from Splunk or Filebeat. If the data is already collected in Splunk, you can configure DBTRONIX Edge to get the events directly from Splunk.

Which stages of the kill chain does Edge cover?

Edge focused on reconnaissance, intrusion, lateral movement, denial of service, and exfiltration.

Our threat models analyze Edge data with the file, email, and Active Directory data streams in DatAlert to give you full kill chain coverage.

Does Edge require endpoint agents?

No. Edge monitors network devices, so there is no need to deploy endpoint agents.

Can I create my own alerts?

Yes. You can leverage out-of-the-box threat models as well as create custom alerts that are specifically designed for your data and your environment.

For example, you may choose to trigger an alert if a specific user attempts to access the VPN or visits a certain website URL. The possibilities are endless.

Can I automate threat responses?

DBTRONIX comes with a set of pre-configured threat response. You can trigger an email, send alerts to syslog, SNMP, or a supported SIEM.

You can also automatically execute an .exe or PowerShell script as part of the alert itself.

Some of our customers, for example, use a basic PowerShell script to disable a user’s account and power down their computer when DBTRONIX recognizes malware behavior.

Does DBTRONIX integrate with other security products?

DBTRONIX integrates directly with LogRhythm, Splunk, ArcSight, ServiceNow, and QRadar, and supports more integrations via syslog.

Not sure if your integration is supported? Get in touch and we’ll work with you to find out.

Want to see Edge in action?

Request a Demo

Contact Us

We are here to help. Call us and speak with a secure erase specialist who will answer any questions you might have

Contact Us

WhatsApp