GREYCORTEX Wireless Detection and Response
The WDR software module and the new GREYCORTEX Mendel wireless probes extend the existing capabilities of this NDR product with visibility into Wi-Fi networks, their analysis and detection of operational and security events in wireless networks.
GREYCORTEX WDR provides continuous monitoring of wireless traffic and early detection of current and future operational and cyber (information) security threats and incidents in wireless networks based on IEEE 802.11 family communication standards.
Processed Wi-Fi data:
– Beacon
– Probe
– Authorization (deauthorization)
– Association (disassociation)
– Wi-Fi data
– Radiotap (signal information)
GREYCORTEX WDR offers visibility into wireless networks, their operational statistics and reporting of detected operational problems and potential security incidents with regard to their further detailed (forensic) analysis within the new concept of network visibility, detection and enabling timely response. It is therefore one of the first products in the Wireless NDR (Network Detection and Response) category, abbreviated WDR.
The product is based on WIPS (Wireless Intrusion Prevention System) technology and uses many advanced analytical methods and artificial intelligence algorithms analyzing both the physical properties of wireless networks and threats within a number of IEEE 802.11 protocols that cannot be seen on LAN networks.
Detected Events:
– Network / Access Point / Client Anomaly
– New, Changed, Lost Network / AP / Client (policy violation)
– Foreign, Rogue, Ad-hoc devices
– (De) authorization, association
– Weak encryption detection
– DoS, BruteForce, Fragmentation attacks (2021)
Project Advanced Methods for Monitoring Wireless Network Traffic was funded with state support of the Technology Agency of the Czech Republic within the ZETA Programme.