DivvyCloud leverages Cloud Service Provider (CSP) services (e.g., Amazon GuardDuty) for best-in-class intelligent threat detection that continuously monitors for malicious activity and unauthorized behavior. These CSP services use machine learning, anomaly detection, and integrated threat intelligence built by the CSPs themselves to identify and prioritize potential threats. Detect for activities like:
Credential compromise behavior
Communication with known command-and-control servers
API calls from known malicious IPs.
When a threat is identified, DivvyCloud can perform automated remediation actions including reconfiguring cloud services, making changes to cloud infrastructure, driving human-centered workflows with integration into systems like ServiceNow and Jira, and orchestrating workflow actions in other security and management systems.