The HyperContext Platform

The  number, type, and mix of smart devices in business environments is rapidly expanding, but the vast majority are invisible to SecOps.  To regain control, IT organizations need visibility into all devices in their environment and must be able to apply granular policies to mitigate risks and prevent data loss. 

Enter WootCloud HyperContext Device Security – the only solution that provides contextualized visibility into devices, their behavior, network access, and threat intelligence. 

With an explosion in the number of smart devices that are now connected via multiple communication protocols like wifi, zigbee, bluetooth, ble and cellular networks, fingerprinting the device needs to be done based on the unique characteristics of the device across multiple dimensions. These dimensions are not limited to a specific interface of the device, but include multiple layers all the way from hardware, software, logical, functional, and other operational characteristics.

This means that information about the device collected all the way from RF, each physical interface, protocol, traffic flow, application is combined with organizational information from CMDB, other tools like MDM, EDR, vulnerability assessment, firewall, location is learned by supervised, unsupervised machine learning algorithms and rule sets to reveal patterns embedded in these measurements. These algorithms and rule sets generate models and signatures for each device to generate the following information which is called HyperContext which includes:

  • 1. Type, Category of the device and related information
  • 2. OS, patches, services and applications running on the device
  • 3. Functionality or the “purpose in life” of the device
  • 4. Micro location of the device, its mobility patterns and times of visibility
  • 5. Ownership information of the device and its control information
  • 6. Users on the device
  • 7. Behavior based analysis of all the data transmissions across all protocols and spectrums
  • 8. Risk and vulnerability information, other information collected by other tools used
  • Provides richer device context to help create more deep and accurate policies to manage, track, group, and microsegment devices
  • Use auto generated policies that are crowdsourced based on best practices
  • Non-intrusive, AI driven & ML threat detection solution
  • Scans devices across multiple spectrums (Network + RF) and dimensions with a deeper capture of device properties and attributes
  • Receive context driven anomaly detections that leads to lower false positives

All the collected data and the intermediate insights are then used to develop a device identity fingerprint, a device group fingerprint and device operational fingerprint. These fingerprints accurately recognize the device, group similar devices, and establish the device’s normal operation and function. This is used to establish an effective device security architecture by:

  • Identifying new devices seen in the organization automatically
  • Identifying anomalous behavior in the devices whose fingerprints have been collected
  • Offer insights about the risks, threats associated and best practices
  • 4. Generate labels based on all the collected information, intermediate insights and final fingerprints and expose these labels to the micro-segmentation and policy layers

This website uses cookies to ensure you get the best experience on our website.