Overview

As the experts in advanced threat protection, Damballa discovers active threats that bypass all security prevention layers. Our flagship product, Damballa Failsafe, detects successful infections in real time and with certainty, pinpointing the compromised devices that represent a business’ highest risk, terminating their activity and giving responders the ammunition needed to rapidly prevent loss. It delivers actionable information about known and unknown threats regardless of the infection’s source, entry vector or device OS and arms responders with definitive evidence so they can rapidly prevent loss on high-risk devices while blocking activity on the rest.

Our data and machine learning history can’t be replicated. We have visibility into nearly 15% of global Internet activity, 200,000 malware samples daily and hold the industry’s largest passive DNS (pDNS) database. Our unequaled visibility into threat-related activity feeds Failsafe’s detection engines, which gets ‘smarter’ over time as it continually watches network communications and profiles traffic patterns. Customers experience a dramatic increase in true positive infection confirmations, compared to existing prevention tools, saving a little more than 5,000 hours per year, or the equivalent of 2.5 FTEs across a 100,000 node environment.

Unlike point techniques such as sandboxing, Failsafe doesn’t have to see a malware file in motion, allowing Failsafe to find unknown threats faster, more accurately and more completely than gateway and endpoint-signature and file analysis-based solutions.

Our patented solutions leverage Big Data from the industry’s broadest set of consumer and enterprise network traffic data, and combines that with machine learning to automatically discover and terminate criminal activity, stopping data theft, minimizing business disruption, and reducing time to response and remediation.