CyberFlow Analytics Announces release of their FlowScape version 2.0 Behavior Analytics Platform

Share Article

Six Layer Security Stack for Detection of Risks, Threats and Advanced Persistent Threats in the Core of the Network

CyberFlow Analytics, an emerging leader in Security Behavior Analytics, today announced the release of version 2.0 of its flagship product FlowScape™ that enables Global 2000 companies to better detect cyber threats, risks, and advanced persistent threats. The new software release includes new Self Organizing Maps (SOM) behavioral analytics models with binocular fusion for protocol anomaly detection which spans all IPs and protocols including DNS, SSH, HTTPs, SCADA and other common services found in IT and the Industrial Internet of Things market. FlowScape version 2.0 delivers a new six layer security stack with the key components to combat the more sophisticated attacks in large scale enterprise networks and greatly reduce the time it takes companies to detect and remediate employee policy violations, insider threats from BYOD/VPN, and APT cyber breach incidents.

“The threat landscape and attack surface on large scale enterprise networks challenges both IT and Security teams to continuously monitor for risks created by insiders and the emerging cyber breach activity that follows”. Dr. Hossein Eslambolchi, CyberFlow Chairman and CEO

CyberFlow has been working with early adopter customers to deliver Continuous Threat Defense through a six layer security stack:
1.    Network: The FlowScape Smart Packet Security Service only examines the packet-meta data in this ever encrypted world for scale and tracking client, server and protocol behaviors through the lens of an SDN or physical network segment.
2.    Platform: FlowScape is the only virtualized security analytics platform using Docker Containers to lower the customer cycle time and ease of operational deployment and updates
3.    Behavior Analytics: Through streaming multi-model SOM analytics with Binocular Fusion, the attack surface of workload behaviors is monitored through machine learning and an extensive bookkeeping of all IP communications across the organization
4.    Threat Intelligence: Once behavioral anomalies are detected on the network they are analyzed by a Risk Intelligence Policy Engine to further reveal how dangerous they are to protecting the core assets of the organization.
5.    Automation: Pieces of incident evidence are automatically assembled and classified into Breach Clusters to further reduce the noise and focus the security analyst on the emerging APT attack or unfolding insider risk activity
6.    Visualization: A critical Big Data component of the FlowScape Security Stack is the Geo-Topology Viewpoints of breach clusters and associated intelligence to enable rapid isolation and case editing of emerging threats.

CyberFlow delivers its FlowScape technology to customers through a channel of Managed Security Service Providers (MSSP) as Software-as-a-Service (SaaS) model. “We have incorporated the FlowScape engine into our new set of monitoring services known as Continuous Threat Defense (CTD) for differentiating our capabilities to offer Threat Assessment, Managed SOC and ProActive Incident Response” stated Rajeev Khanolkar, President and CEO of SecurView, a Cisco portfolio company. To further help MSSPs tackle the massive scale of Industrial Internet of Things networks, CyberFlow Analytics is forming strategic alliances with companies to focus on the problem of Securing the Industrial Internet of Things such as tall buildings, factories, and large metro smart city deployments. As an example, FlowScape is currently deployed and helps protect the core of one the most strategic metropolitan cities in the US with its FlowScape 2.0 security stack.

Ask for a demo or become a pilot customer for the new FlowScape 2.0 software. The software installs in an hour on a small infrastructure footprint and begins delivering value on day one, even while it is machine learning your network and device behaviors.

General availability for the FlowScape 2.0 product was delivered in April during the RSA 2015 conference. For more information on the software, please visit

About CyberFlow Analytics
CyberFlow Analytics is a cyber security company led by a team of industry experts that protects the intellectual property (IP) of enterprises from corporate espionage and Advanced Persistent Threats (APTs). CyberFlow focuses on persistent, long term cyber attacks by increasing the intelligence of a network to detect stealth-like threats to data security of organizations in heavily regulated industries where keeping data and intellectual property secure is vital to their mission. Founded by telecom industry leader Dr. Hossein Eslambolchi, former Cisco executive Tom Caldwell and former RSA CTO Louie Gasparini, CyberFlow Analytics is a privately held company headquartered in San Diego, California with offices in the Silicon Valley. For more information, please visit:

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Thomas Caldwell
Follow >
Visit website