Over the years, Microsoft has developed more and more security products and features. These include Microsoft Defender (AV), Microsoft Defender ATP (EDR), Azure Sentinel (SIEM), and various other security features and functions within Microsoft 365 and Azure.
Muninn AI Detect and AI Prevent each add unique security value that Microsoft products do not provide, and they integrate into your Microsoft security stack using open APIs to both send and receive information.
Muninn AI Detect fully integrates with Microsoft 365, and using our analysis and machine learning technology we provide a wide range of unique cyber alerts which you do not already have in Microsoft 365.
We integrate with any SIEM that has open APIs. Azure Sentinel has such open APIs, so we can send our security alerts, or even the full metadata of the protocol analysis flows plus the finished cyber alerts generated by Muninn AI Detect, into Azure Sentinel. From one dashboard you can then do the forensics and dig into the incidents that occur in the network.
Muninn adds value on top of Microsoft Defender ATP because Microsoft Defender ATP is able to receive and act on commands, for instance its “isolate” command. This means that, on the basis of the protocol analysis carried out by Muninn AI Detect and the isolation rules configured through Muninn AI Prevent, Microsoft Defender ATP can shut down a device on command from Muninn AI Prevent.
Full Packet Capture – enabling deeper forensics than with “only” a SIEM’s logs.
Full Protocol Analysis with more than 150 different data types extracted from the network traffic, seen not from inside devices, as a SIEM sees it, but from the perspective of the network traffic, using Bro / Zeek protocol analysis.
Immediate blocking capability (using Muninn AI Prevent), based on preset, chosen conditions, for a device exhibiting extremely suspicious hacker-like activity which it has not previously exhibited and should not exhibit.
Unique AI / ML algorithms that build a unique pattern of normal traffic for each device, making it extremely hard for hackers to stay under the radar.