|Powerful visualization of network traffic based on flow logs|
|Custom alerts to quickly detect various network and account level intrusions|
|Flexible, ad hoc queries to easily analyze your cloud environment|
|Freestyle exploration of cloud environment from a policy, asset or VPC viewpoint|
|Enriched VPC flow logs with deep context of cloud native services
|Ability to export enriched logs into SIEM tools for further analysis|
Dome9 Magellan is a cloud-native security intelligence technology that delivers cloud intrusion detection, network traffic visualization and user activity analytics. Magellan’s object-mapping algorithms combine cloud inventory and configuration information with real-time monitoring data from a variety of sources including VPC Flow Logs, CloudTrail, as well as current threat intel feeds, IP reputation and geo databases.
Magellan Explorer is an interactive visual tool that lets you proactively explore your cloud environment and identify malicious activity quickly. This is based on powerful visualization of enriched VPCFL and Cloudtrail information that help SOC teams easily conduct threat hunting activities.
Magellan alerts can be triggered to notify security teams immediately when configuration or network traffic violates regulatory and compliance standards (PCI, NIST, GDPR etc). Replay of traffic flow over a specific time period can also be used as proof of compliance to auditors (Control effectiveness)