Key Features
This includes both Advanced Persistent Threats (APTs), like state-sponsored hacking groups and organized crime, as well as smaller and less well-known crime groups. The platform tracks over 10,000,000 compromised IPs and 50,000 compromised organizations (and counting), including thousands of compromises which are not publicly known. To collect this information, Prevailion’s team undertakes sophisticated intelligence operations. All of the data contained in APEX™ is 100% original and exclusive, and not culled from other sources.
125B
12M
306
Adversary Intelligence Collected in APEX™ Platform during the Last 180 Days
APEX™’s user-interface (UI) is familiar, as it operates like a standard search engine. Users simply type in the name of the company (or IP address) they want to find, and APEX™ will immediately populate results for any current or historic compromises detected in that company’s IP range over the past 180 days.
Users can create custom watchlists for any companies or IP addresses they wish to monitor. APEX™ will provide instant updates and alerts on any newly detected malicious activity within those targets, keeping your organization ahead of these rapidly evolving threats.
APEX™ presents threat activity in an easy to understand format. Using a color-coded ranking system, (Severe, Critical, Elevated, Stable), APEX™ clearly shows how at risk a particular organization really is in cyberspace. It also provides a ‘trending arrow’ to show whether the malicious activity is on the rise or in decline.
For a deeper look into organizational risk, APEX™ provides a detailed account of the observed malicious activity within the searched company. Users can see: how many (and which) IPs are compromised; the actual malware they are compromised with; and how often this malware is “beaconing” back to the attackers.
Users can also download the full telemetry of these confirmed attacks, for any organization that they are subscribed to. This APEX™ feature provides the telemetry details necessary to support security investigations or potential incident response, including the victim IP address, C2 node (actual server used by attacker), malware family, threat actor identification and timestamp. All of this data can be exported as a CSV file.
APEX™ users can also monitor the larger trends in cyber compromise activity, by industry and by region. The platform provides several real-time charts, including ‘Compromise by Sector’ (86 industry sectors tracked), ‘Compromise by Geography’ (all nations included), ‘Stages of Compromise’ and ‘Stages of Compromise Over Time’.
Previous