The Nemean system is a distributed monitoring platform composed of sensors and monitors that can be scaled to meet the needs of any size enterprise. The sensor component applies Nemean’s patented behavior-aware signatures to live traffic streams to detect malicious activity with unprecedented accuracy. An optional local honeynet provides the ultimate ability to customize and refine attack detection for your enterprise. The database component receives data from local sensors and honeynets and makes all Nemean information available through our unique GUI and web services.

At the heart of the Nemean system are behavior-aware signatures that incorporate a broad set of information about how attacks are performed. These signatures result in far more accurate alerts and more detail about compromised hosts than a standard NIDS provides.

Situational awareness is realized through Nemean’s unique user interface, which presents the data you need to quickly diagnose and remedy attacks. This enables you to keep your IT infrastructure in a known-good state with fewer resources than standard NIDS/NIPS alternatives. Nemean is also designed to be easily layered on top of existing systems and interfaced with your local SEM/SIM or data repository system. Either way, the high-quality alerts generated by Nemean should be the first that your team considers in day-to-day operations.