product - What it is

Cognito® is the ultimate AI-powered
cyberattack-detection and response platform

Transforming Tier-1 analysts into Tier-3 expertsTM

Cognito: The power to Detect and Recall

The Cognito platform consists of Cognito Detect and Cognito Recall.

AI detects attackers in real time and enriches threat investigations with a conclusive chain of evidence

Cognito platform

  • Always-learning behavioral models detect attackers in real time to enable quick, decisive response and a logical investigative starting point.
  • Network metadata, logs and cloud events are collected, analyzed and stored to reveal hidden attackers in workloads and user/IoT devices.
  • Launch deeper incident investigations detected by Cognito and other security controls and hunt retrospectively for covert attackers.
Learn how it works

Cognito Detect

  • Reveal hidden and unknown attackers in real time with machine learning, data science and behavioral analytics working in concert.
  • Conclusively detect threats based on indicators of compromise from hunting operations and high-quality threat intelligence feeds.
  • Full threat context eliminates manual guesswork and puts the most relevant attack details at the analyst's fingertips.
  • Drive dynamic incident response rules and automatically trigger responses from existing security enforcement points.
see use cases

Cognito Recall

  • Hunt for threats retrospectively to determine whether newly discovered indicators of compromise exist in historical data.
  • Accelerate incident investigations with conclusive, actionable context about compromised devices and workloads over time.
  • Quickly and easily find all devices or workloads accessed by compromised accounts and identify files involved in exfiltration.
  • Rich, historical metadata is stored in the cloud for as long as it is needed to augment incident investigations.
see use cases