Eliminate your adversary's element of surprise
Monitor.Block.Defend.
Look on to threat actor infrastructure with unmatched visibility
“We found great utility in being able to pre-emptively stop an attack with visibility into changes that threat actors were making to their infrastructure in an effort to attack us again.”
– Senior Analyst, UK Bank
What is Recon Ultimate?
Recon is a web-based threat intelligence tool for advanced security analysts and mature SOC Teams.
With a simple GUI, graphical displays, tagged results and powerful query tools, it transforms how sophisticated users hunt, assess and monitor advanced persistent threat actors.
It is the place to greatly enhance investigations for single IPs, domains, or entire CIDR ranges related to malicious activity.
How it works
Simple process to build out a comprehensive and granular .
-
Complete query information to make it unique
-
Query Name, Description and the Group it is assigned to
-
-
Provide query settings to add date range and seed information
-
Search type: Date Range, or Hostname & Date, or IP & Date
-
Date range: Conditional (such ‘Last Week’ or Last 3 Months etc.) or specific across Date/Hour/Minute/Second
-
-
Select from over 40 data types to include in the query
-
Examples include NetFlow, PDNS and x509 Certificates among many others
-
-
Input the IP address or domain(s) in the search bar.
Not just threat intelligence...
Learn how analyst teams gain an edge with on-demand access to global Internet traffic telemetry.
From closing gaps in visibility to achieving a more proactive security posture, the following whitepaper illustrates how any organization can benefit from on-demand access to Pure Signal ™.
Read this case study to learn how banks are…
-
proactively mapping APT infrastructures and watching them evolve in near-real time.
-
blocking phishing emails before they’re sent.
-
extracting more value from their other threat intelligence sources.
-
enforcing supply chain security.
“When [a third party is] compromised, we identify it with Recon, then tell [the third party] how [the threat actor] got in...and what they need to do to stop them immediately."
– Lead Security Analyst, Fortune 1 Global Retail Organization
Discover the strategic value of tracking cyber threats beyond your perimeter.
Supply Chain Security
Repeat Attacker Defense
Data Breach Prevention
Proactively block new threats outside your perimeter, reducing risk.
“We identified an APT (advanced persistent threat) attack on a subsidiary. None of the subsidiary's security solutions caught it, but we caught it with Recon."
– Security Analyst Team Lead, Top 5 Fortune 500 Company
Find, map, monitor, and block cyber threats before they even get to your doorstep.
-
Get to the origin of a threat, map malicious actor infrastructure and block it, then monitor and protect yourself against them indefinitely.
-
Robust searching and filtering across the broadest collection of global telemetry.
-
Correlate IP addresses with malware insights extracted from 10+ years of attack observance and malware analysis.
-
Batch and schedule queries.
-
No Hardware. No software. Instant on.
-
API integration.
-
Export to CSV, XML, XLSX or JSON.
