Protect against network threats

Adversaries are getting past perimeter defenses

While the threat landscape has evolved in the last 10 years, network perimeter threat protection has not. We continue to rely on signature-based threat detection and sandboxes, expecting them to keep up. As a result, our security teams have had to compensate with internal network anomaly detection. Threat analysts now spend too much time detecting an attack in progress, or responding to one that has already occurred. It’s time to fix network security.


Unleash our real-time deep learning platform in network tap behind your existing firewalls or switches, and immediately experience the benefits of our features.

Inspection of files, headers, URLs, C2

By applying deep learning inspection to the complete network flow, our models can deliver high efficacy verdicts and low false positives. Our ability to inspect payloads and headers make it harder for an attacker to evade our technology. Our platform inspects the following:

  • Network headers
  • Network payloads
  • C2 communications
  • Bad URL/Domains

Real-time detection and classification

Our real-time deep learning platform detects network threats in less than a second. Every threat detected is automatically classified by the Blue Hexagon neural networks in real-time. Threat family information and indicators of compromise are provided for deeper analysis by security teams.

Complete threat insights

Our platform delivers deep learning inspection on network payloads (files), headers, malicious domains and C2 communications. Security teams can gain perspective on where threats are on the kill chain and discover insights such as the following:

  • Unique threats
  • Repeat attackers
  • Repeat victims
  • Threats by family
  • Threats by protocol

Orchestrated prevention

Enterprises can choose to implement in-line prevention via ICAP, or orchestrate prevention via Blue Hexagon connectors. Connectors enable prevention policies to be orchestrated to endpoints, network devices and firewalls.

Integrated reporting

Our platform comes complete with integrated reporting for auditing or reporting to CXOs and security boards. The threat dashboard can be customized to drill into specific timeframes. Additionally, every section of the dashboard has a reporting component, enabling the specific trend or details to be saved into a PDF file, and emailed to relevant parties.

Ready to get started?