Our solution provides daily cybersecurity risk assessment and threat detection based on automated, zero-performance impacting analysis of all activity on financial market trading networks. Key business stakeholders can use this assessment to improve collaboration with their cybersecurity and regulatory reporting teams.
Virtual Expert Automatically Assesses and Continually Reports
Corvil Cara: Virtual Security Expert automatically assesses and learns from all machine activity on the network, detects possible attack patterns, bubbles up the most important issues and provides an overall risk assessment score suitable for non-expert IT, business and regulatory professionals.
High Fidelity Visibility of All Activity on the Trading Network
Corvil’s existing monitoring infrastructure is already capturing every packet and flow that traverses trading infrastructure without impacting performance during market open, and with nanosecond precision required by trade surveillance. Corvil makes it easy for cybersecurity teams to leverage this existing visibility to investigate risks associated with specific users and the business context of all trading sessions, market data streams and non-trading traffic.
Learns Normal Behavior to Automatically Detect Anomalies
Activity recorded from the trading network is analyzed by machine learning algorithms to baseline the norms of connected machines, applications, services and communications. Anomalies are detected from deviations from these baselines are detected and reported as input to an overall risk assessment score.
Correlates Multiple Indicators into an Overall Risk Assessment Score
In addition to machine-learning anomaly detection, Corvil streamlines risk assessment by correlating multiple threat indicators (such as user account compromise, remote exploits, reconnaissance scanning, lateral movement, denial of service, covert tunneling), and integrating threat intelligence data sources such as FS-ISAC.