Comox built for cybersecurity professionals, analysts and investigators, providing strong new visibility, context, and attribution to their security efforts.
Comox is an advanced threat intelligence and attribution platform which lets you know your enemy. With its actor and infrastructure, attribution capabilities threat intelligence teams will have a new powerful way to identify the malicious activity. Comox gives the opportunity to threat intelligence teams to put their foot front and detect the threats with higher efficiency.
The platform’s investigation tools enable customers to query an exclusive, in-depth database of compromise indicators gathered from multiple proprietary sources extending years into the past.
One of Comox’s strengths is its ability to provide information and intersections that other investigative tools cannot. Its database indexes public, hard-to-find, and exclusive to HYAS datasets which allow investigators to better fingerprint events, actors, and infrastructure.
A range of data types
Analysts can query a broad range of data types ranging from phone numbers through email and IP addresses. Comox searches and cross-references a vast array of information to return useful data for investigators to save into online case files.
Real-time event detection
Comox also features the ability to create alerts using a sophisticated set of rules, providing analysts with a rich set of real-time event detection and mitigation capabilities.
Microsoft Azure powers Comox threat intelligence platform to provide faster and reliable service.