Webinar: Top Tips for Effective Cyber Threat Hunting Watch Now
FlowTraq > Worm and Scan Detection

Worm and Scan Detection

FlowTraq detects worms, scans, and network reconnaissance

Network worms propagate through your network rapidly by looking for hosts with common vulnerabilities, automatically exploiting those vulnerabilities to spread to those hosts, and finally using those hosts to spread even further. To find vulnerable systems, worm-infected machines scan around looking for hosts with similar weaknesses. This scanning behavior is distinctive and quite alarming if several internal systems show the same bad pattern in rapid succession.

NMAP and other “port scanning” tools show a very similar behavior; however, they may be scanning one or multiple systems on one or multiple ports. These kinds of scans are a very common reconnaissance technique used by attackers, and can serve as an early warning for other nasty attacks to come.

FlowTraq learns network traffic and reveals unusual patterns

FlowTraq analyzes the traffic on your network to look for worm and scan behaviors.  To avoid costly false positives FlowTraq actively learns from your traffic and remembers typical patterns, allowing you to focus on solving the real network threats.

FlowTraq can help you defend your network from these threats and more.
To learn more, contact us or explore the following links: DDOS and Brute Force Attack Detection,  Botnet and Anomaly Detection.


Request a Free Trial of FlowTraq or Schedule a Live Demo Today.