NEWS: Logpoint Acquires Muninn
Muninn's open APIs are designed to integrate seamlessly with any platform that offers open APIs on their end. This facilitates a myriad of functions such as enabling device isolation, importing 'indicators of compromise' lists, delivering comprehensive security alerts, and even facilitating the transfer of extensive metadata generated through our complete network protocol analysis. Our integration capabilities extend to prominent platforms like Microsoft 365, Azure, and AWS. Additionally, our software can be installed on virtualization platforms such as VMware and Hyper-V, providing versatility and comprehensive coverage.
Data from Muninn AI Detect into other systems
Muninn AI Detect is engineered to convey comprehensive security alerts or the entire volume of metadata derived from protocol analysis into an external system, such as a SIEM or SOAR platform. This capability is executed through the utilization of standard REST API software. We have an established track record of numerous successful integrations, including notable systems like IBM Qradar and Resilient, among others.
Data from other systems into Muninn AI Detect
Muninn AI Detect can be configured to receive 'Indicators of Compromise' (IoC) lists automatically or manually. This feature allows you to directly and swiftly integrate unique information or subscriptions into the core of Muninn AI Detect, thereby ensuring the security system is always current and fully operational. Although we routinely integrate IoC lists into Muninn AI Detect, we recognize that organizations may have their own specific indicators they wish to incorporate, further enhancing their security posture.
Muninn has a proprietary method for blocking a specific device in real time, that may exhibit malicious behavior - we call this technology Muninn AI Prevent. This is accomplished without the need for agents or integrations. Our approach involves injecting a TCP-reset into the network communication, a technique we can employ given our complete access to all network traffic. We have optimized this process to ensure it occurs with exceptional speed, enabling us to issue a "drop it" command faster than other devices can respond.
Software Integrations
Muninn AI Prevent is fully equipped to leverage the open APIs provided by various software applications such as Windows Defender ATP (AV + EDR), Carbon Black, Trend Micro Apex One, and many others. A significant advantage of this approach is our ability to integrate with software that is already installed, thereby minimizing additional setup requirements.
Network Equipment Integrations
The epitome of integration models, involves integrating directly into the network equipment. This is achievable when the network utilizes Software Defined Networks (SDN) or equivalent technologies, or has an open API that we can leverage to activate an "isolate" command. This "Rolls Royce model" of Muninn AI Prevent excels as it immediately blocks all traffic to and from any device demonstrating malicious behavior, irrespective of whether they have agents installed or the type of traffic - including TCP and UDP, and on all devices, inclusive of IoT. This model is comprehensive in the pursuit of robust network security.
One key feature of Muninn is its choice of models and methods, which have been selected specifically for their high level of explainability. Meaning that the output can be explained in a way that “makes sense” to a human being at an acceptable level. Any anomalies or unusual patterns the system detects are not just simply flagged; but come with comprehensive and useful information.
This information helps your cybersecurity team managing the system to understand why a particular event or pattern is considered out of the ordinary. In other words, it doesn't just alert you to potential problems—it gives you the insights you need to understand what's going on, making it easier to take effective action.
