Threat Protection
DivvyCloud leverages Cloud Service Provider (CSP) services (e.g., Amazon GuardDuty) for best-in-class intelligent threat detection that continuously monitors for malicious activity and unauthorized behavior.
These CSP services use machine learning, anomaly detection, and integrated threat intelligence built by the CSPs themselves to identify and prioritize potential threats.
Detect for activities like: cryto-currency mining, credential compromise behavior, communication with known command-and-control servers, and API calls from known malicious IPs.
When a threat is identified, DivvyCloud can perform automated remediation actions including reconfiguring cloud services, making changes to cloud infrastructure, driving human-centered workflows with integration into systems like ServiceNow and Jira, and orchestrating workflow actions in other security and management systems.