Labyrinth can be used as a single solution for implementing detection and response security measures on network leer, providing provides real-time security incident visibility without generating overwhelming alerts. Through third-party integrations with NGFWs and EDRs, Labyrinth allows isolated threats from the IT network. To accelerate incident response and forensic, the necessary data can be automatically sent to IRMS.
Labyrinth Deception Platform enriches collected data about incidents and sends to SIEM aggregated event information, providing security teams with the ability to prioritize alert processing. Integration with SIEM also gives an opportunity to receive additional information about detected suspicious activities for getting greater visibility on the chain of events within a security incident.
Labyrinth Worker can be located on a client's side, while Admin Server, IRMS, SIEM - hosted by MSSP provider, allowing the provider:
- fully manage configuration and observe the current status of subsystems;
- respond to incidents immediately after detection, without the involvement client’s engineers
integrate the platform with third-party systems to improve the response quality using the functionality of the other information security products (NGFW, EDR, WAF, etc.)