Why Owlyshield

It’s common for cybercriminals to stay hidden within systems for extended periods before
they’re detected. However, by actively listening for weak signals of their presence, we can uncover their activity. Owlyshield, our EDR solution, ensures your business stays safe by detecting and eliminating threats to critical applications that are exposed.

Products

Agent

This EDR agent is fast, lightweight, and can protect Linux, OpenWrt, and Windows systems against ransomware attacks using embedded machine learning capabilities. It detects and stops threats in real-time without slowing down the system, making it a valuable tool for organizations that prioritize performance and efficiency.

How to get started / 2 install

Install the Agent on your Servers > Connect it to Wazuh > Start

Documentation

AI Engine

The AI engine on the server provides advanced novelty detection for detecting weak signals of intrusions, such as the use of command and control probes. The agent connects to this engine to quickly identify suspicious activity and alert security teams in real-time, providing an additional layer of security for organizations of all sizes.

SIEM

This is the subtitle

Exemples of detected behaviour

Owlyshield provides a powerful solution for detecting and responding to threats in real-time. Here are three real-life examples of how Owlyshield protected our customers :

Weak signals

An attacker exploited a critical CVE in an ESXi server to deploy a payload. Owlyshield detected weak signals of the attack on the ESXi server by analyzing the file activities and identifying unusual behavior in the ESXi process family, indicating the presence of a malicious process.

Hidden URL

A web application built with JHipster had a hidden URL that could be used to dump the JVM memory, but the infrastructure team was not aware of this vulnerability. Owlyshield was able to detect it was exploited by analyzing the file system for unusual activity related to creating the dump file

Large and expensive ERP

A large and expensive ERP system was accessed by teams of consultants from different countries. One of them, with admin rights, began to slowly corrupt specific files in the ERP system. The attacker used this tactic to make the corruption look like a series of bugs or glitches rather than a deliberate attack.

This is the subtitle

SOC and
MSSP

01.

Standard market tools

It integrates with standard market tools to provide security events

02.

AI Model

The AI model for novelty detection is extremely powerful and there is very few false positive

Get in touch

03.

Zero-daysIt is designed to detect that Zero-days are exploited

04.

TitreTexte

Apply Owlyshield across multiple verticals

ERP Owlyshield offers vertical versions with pretrained models specifically designed for Sage X3, SAP, and Odoo. These models are optimized to quickly identify potential security threats within these complex applications, providing comprehensive protection for critical business systems and data.

This is the subtitle

Open source

At Owlyshield we believe the best way to develop cybersecurity software is through open-source. We are all about transparency, trust, and code quality. ‍ The Agent has always been and will always remain open source (EUPL license).