Problems that solves
Shortage of inhouse software developers
Shortage of inhouse IT resources
Shortage of inhouse IT engineers
High costs of IT personnel
Values
Reduce Costs
Ensure Security and Business Continuity
About Product
Description
R-Scope is a powerful network security sensor for threat hunting and threat detection. Providing network activity in context gives the clearest view of genuine threats, faster. Incident Responders benefit from R-Scope’s balanced output that is 100x richer than competing approaches at a fraction of the storage footprint and cost. R-Scope identifies threats quickly and enables rapid and thorough remediation.
Core Capabilities </>p
Form Factor
R-Scope is available in multiple form factors to meet a variety of enterprise deployment requirements. For traditional data centers, R-Scope is available as a 1U appliance, variably priced according to throughput requirements. Software-only offerings are available for deployments that require more flexibility. Contact Reservoir Labs for cloud deployment. All R-Scope offerings are fully hardened and supported for the most demanding business environments. Support and Services are provided in-house by qualified Reservoir Labs engineers.
Data Enrichment
R-Scope offers significant opportunity for on-box analytic deployment for data enrichment. Leveraging R-Scope’s on-system development environment, security teams can develop, test and deploy a variety of analytics to tune data output and ensure a clear and simple lens through which to evaluate network traffic. R-Scope accepts all open-source Zeek/Bro scripts; additionally Reservoir Labs offers a curated set of tested community scripts as well as custom analytics uniquely valuable to enterprise users.
Real-Time, Scalable Threat Detection
R-Scope sensors provide in-depth network traffic analysis by inspecting all bi-directional network traffic. Using it’s programmable analytic engine, R-Scope produces rich network metadata capturing protocol event detail, application services, files, and content on the network. R-Scope offers network analysis at scale, using patented technologies designed and developed by leading experts on high-performance networking.
Advanced Sensor Management
R-Scope is architected for professional enterprise management. Bringing a fresh DevOps perspective to security, R-Scope integrates with Ansible for sensor management. This approach allows security and IT teams to manage not just sensors but whole enterprises from a single pane of glass, bringing control and visibility across the organization’s entire workflow, without incurring the downside of vendor lock-in that is frequently the price of ease of management.
Selective Packet Capture
While full packet capture is appealing as a source of data, particularly in the case of incident response, it can be prohibitively expensive, both in terms of storage costs and also potentially in terms of process overhead. R-Scope’s Selective Packet Capture (SPC) feature allows users to decide what to capture and when, then fully automate distribution of those captured network packets to other tools or offline storage for later analysis.
Threat Analytics & Intel Workflow
R-Scope is designed for seamless integration into any organization’s security operations workflow, with analytics that can be pulled directly from Git or Intel repositories. R-Scope is equipped with an innovative on-system development sandbox that enables threat research teams to rapidly develop, test and deploy analytics/intel quickly and efficientl