LEO is a cyber security IP holding company. Our intellectual property is most easily described as an extensible Managed Detection and Response service.
Our IP was developed in house and deployed on our customers endpoints and networks. Our IP continuously monitors, prioritizes, and responds to cybersecurity threats. The IP has the scalability, intelligence, rules and technical capabilities to deliver the same capabilities offered by major vendors at a materially lower cost. It can be deployed in less than an hour with no servers to install or overhead incurred by our customers. No license or upfront fees.
Our IP consists of four primary components which function together to provide world class MDR efficacy.
1. Event Tracking System and Reporting Dashboard
2. Endpoint Monitoring – A non-intrusive system and application monitoring agent is installed on Microsoft Windows, Linux, and Macintosh systems (servers, workstations, laptops, virtual machines, and cloud)
3. Network Monitoring – Captures network flow metadata in addition to high-fidelity transaction logs of TLS, SMB, and DNS traffic
The NSP generates alerts from parsing full packets, communication sessions, and transactional data from observed network traffic.
4. Event Security Platform is the brains of our solution. It collects, aggregates, and correlates data from endpoints and networks and applies rules and scoring metrics against the endpoint and network data.