Device Monitor

Network Security Solutions


Device Monitor and EventCorrelator are used to analyze network data traffic for security threats, detect the presence of a network of nodes – either malicious or compromised, correlate different events within the network, and apply the detection methods on both personal computers and mobile devices.



The real-time correlation engine provides an additional layer of security for your network. It comprises the Suricata IDS and the EventCorrelator solution, which correlates possibly malicious events detected by the IDS.

Botnets are becoming more and more complicated in structure, and individual bots from these botnets are using ever more complex methods of hiding, mutating and executing malicious activities.

Tracking down individual bots is a task for an anti-virus program. However, tracking all bots that are part of a botnet is a completely different issue. To detect malicious actions that are a consequence of botnet activity, we need to be able to correlate different events within our network. EventCorrelator is a tool providing exactly this feature.


Device Monitor

The enterprise solution brings network security to your employees' mobile devices.

The cyber threat of botnets is of great concern due to the way and the intensity with which it is spreading, using countless hijacked resources to carry out cyber-attacks. Since the vast majority of C&C communications are HTTP-based, techniques similar to those that apply on personal computers, along with the existing malware infrastructure, can be reused on mobile devices.

The detection methods are based on known attacks (SMS hijacks, visiting malicious URLs, detecting master key exploits). The solution is not expected to require “rooting” devices in order to be installed. The main concerns are security, speed, data transfer amount and battery life impact on the device.

The solution consists of a broker, GCMServer, and mobile sensors, Device Monitor. The GCMServer tool acts as a broker and can be extended with connectors to external databases of malicious events. Currently we provide support for STIX[1] and standard DB connectors (mysql backend), but are not limited to these.