Cyber Detection at Its Best
SNOW is a lightweight, cross-platform endpoint detection/response sensor that enables micro- and macro-level detection and analysis of threat events, using proprietary threat detection algorithms and telemetry data gathered from endpoint devices.
More specifically, SNOW records and detects native execution of binaries, module loading, changes made to the file system (registry), and network connections, providing a continuous collection of data for analysis and for building a timeline.
Approximately 1.5-2.0 MB of uncompressed data is gathered per machine per day, and approximately 500 KB of compressed data per machine per day is transferred to the cloud.
Yes: it’s encrypted using the AES-256 cipher with the key transmitted using 2048-bit RSA. Additionally, HTTPS transport has been implemented.