Real time threat monitoring
The Team Cymru Nimbus solution provides a cloud-based netflow collection, analysis, and reporting platform.
The partner exports their flows to a private IP and port over an encrypted tunnel. Team Cymru provides the partner with access to a portal and world-class threat intelligence feeds, specifically our IP Reputation Feed and our Controller (C2) Feed.
Using the Kibana-based portal, the partner can monitor for threats in real time, as well as analyzing flows as far back as storage and flow volume will permit. In addition, Nimbus partners are provided with XML versions of the threat intelligence feeds. They can download these feeds and apply them to their infrastructure or existing SIEM solution. The Nimbus solution provides the partner with real-time analysis, forensic analysis, and threat intelligence; the partner can greatly improve both the security and the monitoring of their network as a result.