The military concept of a kill chain describes the structure of an attack, that is, its life cycle. The complete chain consists of target identification, force dispatch to the target, the decision and order to attack the target, and finally the destruction of the target.
Because a successful attack depends on every stage being executed successfully, the model encourages thinking about all the places where a defensive measure could interrupt the chain and therefore avert the attack.
Computer scientists at Lockheed Martin described the intrusion kill chain framework for computer networks in 2011. Like the military kill chain, a cyber attack life cycle passes through several stages before finally acting on the target.
At any stage, various countermeasures can successfully interrupt the attack. Besides the functions of a classic next-generation (NG) firewall, such as policy, deep packet inspection (DPI), intrusion detection or prevention systems (IDS/IPS), data leak prevention (DLP) or indicators of compromise and attack (IoC/IoA), real-time user-behavior correlation and dynamic network objects (DNO) in particular will be most effective. Threat intelligence plays a major part by constantly providing the network protection platform with the most recent patterns and information about breaches.
By combining the different threat intelligence sources with behavior-based correlation, cognitix's solution finds a much better balance between disrupting your business with false positives and taking no action at all: it verifies the indicator of compromise or the matched IPS pattern against the malicious behavior that follows. Once an attack or infection is found, automatic isolation through dynamic network segmentation is a much faster and more thorough response than any combination of firewall, endpoint security, SIEM, IPS and TI that relies on log messages being exchanged after the fact.
The lateral movement of threats is also stopped much better by the dynamic network segmentation of the cognitix Threat Intelligence and Protection Platform than by existing perimeter and microperimeter protection.
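The idea of confirming an indicator hit with the behavior that follows before isolating a host can be sketched as below. This is an added example, not cognitix code; the event format, host names, event kinds, time window and threshold are all assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events (ts in seconds); hosts and kinds are illustrative.
EVENTS = [
    {"ts": 100, "host": "ws-17", "kind": "ioc", "detail": "lookup of TI-listed domain"},
    {"ts": 130, "host": "ws-17", "kind": "behavior", "detail": "periodic beaconing"},
    {"ts": 160, "host": "ws-17", "kind": "behavior", "detail": "internal port sweep"},
    {"ts": 200, "host": "ws-22", "kind": "ioc", "detail": "IPS pattern match"},
    {"ts": 5000, "host": "ws-22", "kind": "behavior", "detail": "periodic beaconing"},
    {"ts": 300, "host": "srv-03", "kind": "behavior", "detail": "internal port sweep"},
]


def correlate(events, window=600, min_behaviors=1):
    """Return {host: verdict} for every host with an indicator hit.

    'isolate': an indicator hit was followed within `window` seconds by at
               least `min_behaviors` behavior events from the same host.
    'watch':   an indicator fired but nothing confirmed it in the window,
               so the host is not cut off on the indicator alone.
    Hosts with behavior events but no indicator hit are not reported.
    """
    by_host = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_host[ev["host"]].append(ev)

    verdicts = {}
    for host, evs in by_host.items():
        ioc_times = [e["ts"] for e in evs if e["kind"] == "ioc"]
        if not ioc_times:
            continue
        behavior_times = [e["ts"] for e in evs if e["kind"] == "behavior"]
        confirmed = any(
            sum(1 for b in behavior_times if t < b <= t + window) >= min_behaviors
            for t in ioc_times
        )
        verdicts[host] = "isolate" if confirmed else "watch"
    return verdicts


def isolation_group(events, **kwargs):
    """Hosts that would be placed in a dynamic quarantine segment."""
    verdicts = correlate(events, **kwargs)
    return sorted(h for h, v in verdicts.items() if v == "isolate")


if __name__ == "__main__":
    print(correlate(EVENTS))
    print(isolation_group(EVENTS))
```

Widening `window` or lowering `min_behaviors` shifts the balance toward faster isolation at the cost of more false positives; tightening them does the opposite.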