Overview
What is Gradient Cyber?
Gradient Cyber, headquartered in Dallas, offers a cybersecurity solution that combines proprietary technology and senior cybersecurity analysts, with the aim of making the job of managing security easier for smaller IT teams.
Service Offering Details
Identify, Protect, Respond, and Recover.
Gradient’s Cybersecurity Health Scorecard™ performs a categorical breakdown into Identify, Protect, Detect, Respond and Recover, and provides a detailed analysis based on the customer's personalized cybersecurity Maturity Summary.
Gradient's interactive dashboards allow users to select individual items to address, update responses, and document evidence and controls within the responses, and they provide immediate feedback on the impact those responses have on the cybersecurity maturity score.
The Scorecard measures an organization’s cybersecurity health by assessing People, Process, Technology, Data, Risk Transfer, and Privacy and Compliance.
Gradient obtains the customer's personal scorecard by conducting a 500-point analysis, a Dark Web query, an Attack Avenue Analysis, a Network Traffic Score and a guided NIST assessment.
Gradient Cyber operates as the customer's cybersecurity partner, and advises where the user's cybersecurity practice is excelling, and where it has room for growth.
Gradient's cybersecurity analysts extend and support the user's cybersecurity team. The Gradient A.I.-driven system monitors and analyzes traffic on networks, servers, endpoints, databases, applications, websites, and other systems, looking for anomalous traffic that could indicate a cybersecurity incident or compromise.
Gradient’s Security Intelligence Platform provides insights into the user's cybersecurity maturity and improvement with native out-of-the-box compliance features that are built on industry-leading cybersecurity frameworks - NIST, CMMC, CAT, & IMO.
Gradient includes the following suite of tools:
Network Monitoring
Gradient’s AI-driven Security Intelligence Platform enables the company to fully monitor and protect the user's network.
Uses bi-directional Netflow instead of uni-directional Netflow, providing full end-to-end session communication. This ingestion is done directly using PCAP data and Gradient’s Quorum Collect appliance.
Detailed examination of IP addresses for potential threats.
Localized port scanning against different port ranges to discover and pinpoint firewall misconfiguration.
Log Ingestion
The number of risks to networks continues to increase, and Gradient's Security Intelligence Platform offers complex logging from on-site and/or cloud providers. These logs are mapped back to Netflow data to create a clearer view of the network's operation and to detect suspicious circumstances.
Ingests Active Directory Logs and Microsoft 365, along with Endpoint logs and other security-related data.
Supports firewall types that include Cisco ASA/Firepower, Watchguard, Sonicwall, Fortinet, Ubiquiti, Palo Alto, and Sophos.
Supports AWS VPC/EC2 Flow log ingestion.
Intrusion Detection System (IDS)
The Gradient Security Intelligence Platform has a built-in cloud-based Intrusion Detection System to monitor network traffic for malicious activity and policy violations.
Gradient’s IDS monitors network traffic for suspicious activity and creates an alert when such activity is discovered.
The service includes a dedicated team to manage signature-based threats.
Utilizes a cloud-based, out-of-band deployment, ensuring that our IDS solution does not affect network performance at all.
Utilizes cyber threat feeds from many top sources.
Cloud-Based IDS “time-to-signature” for new malware variants is extremely fast.
Endpoint Integration
The Gradient Platform integrates with several endpoint protection solutions to ingest logs and alerts for a holistic picture of the environment.
LDAP logs are monitored for anomalous activity, authentication failures, and policy changes.
Endpoint Protection events are monitored and mapped to network data to provide a clearer picture of endpoint communication.
Endpoint inventory is enriched with network traffic data.
Threat Management
The Gradient platform provides Threat Intelligence via our Cognitive Library, which is a combination of Gradient's proprietary technology and third-party security and threat feeds.
Tied into all of the major cyber analysts’ threat feeds to ensure we identify malicious network traffic.
The platform provides detailed information on IP addresses and URLs, which allows a user to verify IPs that may be malicious.
Asset Communication Discovery
The Gradient platform provides detailed information on assets based on Netflow data. Industry-standard signature-based detections are combined with custom signature-based detections based on recent activity in cybersecurity trends as it relates to threats.
Hashes are used to compare files being transferred over the network against known bad file signatures.
We monitor HTTP, DHCP, SMTP and SSH traffic.
Network Data Anomaly Detection
The Gradient platform helps identify unexpected events, observations, or items that differ significantly from the norm.