DISRUPT Line of Products
Our DISRUPT line of products include systems that operate inline on networks to detect and disrupt attacks nullifying the threat to the network. DISRUPT is a concept of resetting connections when they are determined to be malicious in nature, redirecting malware traffic from known bad to known good sites to alert the end user of the infection attempt and providing a security platform to detect when systems on a network are infected or in the control of adversaries.
The DISRUPT products include IDS/IPS, Custom Built Proxy Servers, DNS RPZ Sinkhole Services and other technologies that consume our threat intelligence feeds and protect the end user from malicious attack through the method of interrupting the connection when an attempt is made to download bad content (protection through hashes), secondary payload installation (protection through disruption of a malware infection chain of events), DNS Sinkhole (the process of redirecting name resolution from harmful to safe data points) and the detection of these activities by security personnel to be able to focus on real threats instead of security console chatter.
The DISRUPT proxy server is a Jigsaw product that uses Jigsaw Threat Feeds to disrupt request made through a proxy server to prevent infection, stop the theft of information and hide your users from identification through IP address masking, cookie collection and analysis and preventing direct Internet access by employees. In addition the proxy is capable of attribution of end users by forcing 2 factor authentication for access to Internet resources.
The DISRUPT DNS server prevents the lookup of bad known sites such as phishing sites to ensure users are not scammed by threat actors. Known and unknown bad sites are blocked based on content, IP address and domain name. End users that make request to known bad locations are easily identified so security personnel can then follow up with training, remediation or incident response. This system allows identification of bad destinations allowing you to concentrate security efforts on known bad request so you can respond to more incidents without wasting time and resources on false positives.
The DISRUPT line of products are available through Jigsaw as part of the Jigsaw Protection Model (also known as the JPM)