We have released a new version of GREYCORTEX Mendel
GREYCORTEX Mendel 4.0 brings a new view of the security and risks associated with individual subnets and hosts, advanced NetFlow processing, and integration with other tools and security platforms.
New Network Inventory Module
Find out at a glance where in the network the problem is located
We’ve created a new view across your data that combines visibility and detection. The first time you open the new Network Inventory module, you’ll see basic information about your network, subnets and hosts, including any associated risks.
You can view your data in a filterable table or a scalable graphical representation.
Automated Queries from Other Tools via a New API Extension
Use Mendel as a source of quality security information
In the third extension of Mendel’s API, you can actively retrieve and manage user-defined detected events, IDS and log signatures (including variables), and malicious domains. This especially simplifies the work of larger cybersecurity teams that also use other cybersecurity systems (such as SIEMs).
Integration with the MISP Threat Intelligence Platform
Get more information about threats from publicly available sources
We bring universal native support for connecting to any MISP feed. Through this, we have laid the foundation for a new Threat Intelligence engine in Mendel that provides support for user integration with large-scale TI resources.
Community ID Support
See the same data easily across cybersecurity tools
In version 4.0, GREYCORTEX introduces the Community ID standard in its flows. This saves work for security analysts and specialists who use multiple tools and, therefore, multiple cybersecurity datasets.
User-defined Rules for Log Processing
Customize log processing rules for your infrastructure
In addition to automated and preconfigured rules, Mendel 4.0 can receive any logs, evaluate them, process them and create events exactly according to your needs. In particular, internal security teams and secure ICT service providers have enhanced capabilities for accurate threat detection.
Easy User Identification
Save time tracking down users of individual devices on your network
Mendel links user identity information from external logs to detected events. For events, you can immediately see the user information of a given IP address and eliminate the need to trace who used it at a given time.
NetFlow Processing of up to 50 Gbit Traffic
Monitor large-scale networks with NetFlow
Mendel 4.0 can process NetFlow from up to one thousand sources and up to 50 Gbit of original network traffic, and can leverage new metrics and application data for processing.