ZADIG is considered the first modern investigator.
A character conceived by the great Enlightenment writer Voltaire, ZADIG is the protagonist of a tale between myth and reality. For us, ZADIG is more than this: it is the name given to the Cyber Security Operation Center (CSOC) created by BITCORP to guarantee the constant monitoring of network traffic, through Artificial Intelligence based on a 'supervised expert system' and the use of cryptographic systems derived from the Blockchain paradigm.
Unlike other Intrusion Detection Systems (IDS), ZADIG is entirely managed by an Artificial Intelligence Expert device that operates on machine learning technologies and is able to learn progressively and automatically model its behavior according to the characteristics and evolution of the network.
However, what sets us apart from our competitors is a hybrid man-machine approach aimed at achieving cyber-situational-awareness, known worldwide as the Holy Grail of cybersecurity. Advanced AI technologies are combined with experienced and trained operators to react to any kind of scenario, reducing false positives.
Our analysis system is a Software as a Service (SaaS). It consists of a back-end containing the A.I. algorithms, which correspond to the Expert System upstream of Edera, our TECHINT/SIGINT system at the service of national police and intelligence institutions. It also consists of a middleware, which makes it possible to integrate, through APIs, any type of interface required by or already available to the customer, thus forming a 'Platform as a Service' (PaaS) system. Public institutions or companies (from SMEs to multinationals) that have adopted it gain concrete and immediate benefits:
• Reduced costs, as the system replaces complex structures of analysts and reduces hardware costs;
• Response speed, thanks to the computing power of the IBM cloud;
• Security of customer data through the use of differential privacy and, when required, secure hardware such as Intel SGX;
• High adaptability, as the system is customizable for different applications.
The ZADIG analysis system works according to the following steps:
Collects data from the monitored network using probes (trunk/mirror port in cluster configuration for corporate networks).
Data can be processed either in the Cloud, through an analysis based on differential privacy, or through machine learning on encrypted data using homomorphic encryption techniques. Alternatively, data can remain in the customer's network and be processed there using Machine Learning models periodically downloaded from the Cloud, which are in turn based on our internal analysis and on intelligence derived from data that we collect via the Internet with honeypot-type probes.
The report contains all the information needed to enable IT managers to intervene.
After each IT intervention, the system learns about the changes made, and subsequent warnings take these changes into account by updating the alert/performance status.
The system is equipped with different modes of intervention, including the automatic blocking of threats, or the ability to allow the operator to intervene independently.
The ZADIG analysis system therefore makes it possible to identify and block not only external threats (malicious payloads, port scanning, vulnerabilities and backdoors), but also anomalies recorded within the network (employee disloyalty, negligence, etc.). Its range of action is not limited to the monitoring of possible cyber attacks, but extends to any anomaly, depending on the type of network monitored (losses or failures of 'SCADA' pipelines, interruptions in the services of photovoltaic panels, accidents or man-down events in shipbuilding, failures or malfunctions of machines or production processes, IoT systems, home automation, alarm systems, etc.). The ZADIG system can therefore be implemented for and adapted to any monitoring requirement managed by electronic or electrical impulse systems.