Gleam revolutionizes cybersecurity by applying machine learning to create predictive behavior models for each device in the network. The resulting anomaly detection mechanism is able to react to unknown and future threats. No rules, no signatures, no deployment at all: pure SaaS with unlimited scalability.
Network Engineering and Security departments need to minimize complexity, costs, and maintenance of their networks.
Gleam provides a simple, efficient, and non-intrusive solution that improves itself on the go, thanks to its granular AI engines model and continuous learning capability.
Your organization should consider Gleam because:
Gleam doesn't need previously known signatures or attack patterns for detection. Gleam uses AI to create models of the expected behavior of network traffic and detects subtle changes that are indications of a possible attack.
Gleam uses network telemetry produced natively by the network devices (routers and switches) to build behavioral models and detect anomalies in real time. Getting started with Gleam is as simple as setting up the routers in your network to start sending the flow data to Gleam.
The lightweight network telemetry protocols used by Gleam (NetFlow, IPFIX, J-Flow, sFlow) allow for efficient cloud operation (SECaaS) without needing to deploy anything locally or pay for heavy data exchange, while also improving compliance with existing regulations.
Gleam is built on trusted and reliable open big data solutions, which enable the protection of networks of any size. Its multi-tenant architecture is a perfect fit for TELCO/SP business models since it already supports OpenStack and Cloudera.
Moreover, Gleam collects all network telemetry (flow data) and provides a carrier-class Network Traffic Analytics (NTA) platform for real-time and historical network visibility, understanding and problem resolution.
When everything else fails, Gleam detects successful intrusions by analyzing changes in the devices' traffic behavior: propagation, C&C, geolocation, suspicious networks, volumetrics, unlikely destinations, odd working hours, unusual protocols, applications, ports, addresses, etc.