IBM Security® ReaQta features
Reviews file source code prior to full execution, stopping files from running if malicious code is detected.
Nano operating system (NanoOS) and dual AI engines
Allows certain detection and autonomous operation capabilities even when endpoints are offline.
Detects and correlates alert information, including an attack’s root cause, risk assessment, and MITRE ATT&CK framework.
Enables real-time, whole-infrastructure search for indicators of compromise (IOC), binaries and behaviors. Automated data mining facilitates the discovery of dormant threats.
Enables remote gathering of forensic information for an investigation, helping support forensic analysis and reconstruction of an attacker’s activities.
Helps analysts identify potential threats with metadata-based analysis to expedite triage. Enables detection and prevalence analysis of alert artifacts to discover new binaries as soon as they’re activated.
Analyzes file behaviors for detecting imminent attacks and can stop malicious processes from executing.
Uses heuristics and signature-based prevention.
Automation features enable the creation of custom-built detection, response and remediation playbooks.
Provides direct API access to the ReaQta engines, which is useful for automating workflows and integrating with external platforms.
Enables an AI-powered alert management system that autonomously handles alerts. It can learn an analyst’s decision instantly after seeing a given alert only once.
Uses near real-time, behavioral-based anomaly detection and response capabilities to help protect organizations from advanced malware attacks and threats.