Terms like Artificial Intelligence and Machine Learning have flooded the cybersecurity market. But many tools can’t effectively use AI and Machine Learning tools because they don’t have adequate data. MENDEL’s Advanced Security Network Metrics (ASNM) protocol monitors hundreds of features of each network flow, with the capacity to handle many times that. This means that in comparison to solutions relying on the NetFlow protocol alone, MENDEL has much richer data and the ability to do real Machine Learning analysis, meaning that MENDEL distinguishes normal flow characteristics from malicious ones, without the need to decrypt the data - although MENDEL can decrypt encrypted traffic with a private key.
GREYCORTEX MENDEL is much more sensitive and effective in detecting malicious and unwanted behavior. MENDEL also uses proper and consistent bi-directional network flows which means it can identify the beginning and the end of each flow (even non-TCP) and determine most of the requests and responses they contain, rather than just those split into one to five minute intervals. This capability is accomplished by the Deep Packet Inspect (DPI) engine, and it is able to detect application metadata.