Reducing analysis time (on the known threat) from several hours to a few minutes, Trovares and HPE collaborated to test a cybersecurity solution with a large HPE enterprise customer. The proof-of-concept testing had two primary goals: 

• Demonstrate the superior scale and acceleration that can be achieved by combining HPE Superdome Flex server with Trovares xGT analytics. 

• Address the pain points of the customer and show the value added by the solution with respect to rapidly hunting attacks, finding new threats, and adding more context to the identified threats to eliminate false alarms 

This customer had an interest in improving their detection of “snowshoe” attack patterns. Snowshoeing is an approach to detection evasion in which an attacker uses strategic timing intervals or multiple IP addresses to avoid tripping a rule-based detection mechanism. Effective snowshoeing means that an attack avoids “falling through to snow,” by spacing and spreading their steps just beyond the detection limits of a system. The customer was being saturated with an ever-increasing number of logs collected on a constant basis. The customer also wanted to reduce the attack detection time, as compared to their existing methods. Solving these challenges was critical for their business. 

Trovares xGT significantly reduced the threat hunting time compared to the existing customer solution.