Carmen is a solution to the identification of Advanced Continuing Threats (APT) through the acquisition, processing and analysis of the information gathered. Developed by the CCN-CERT, together with the rest of solutions
detection
(SAT-INET and SAT-SARA) and analysis
( Gloria
, Maria
and Marta
), Carmen is responsible for detecting anomalies and lateral movements within and outside the network. Moreover, this solution CERT analyses code governmental harmful through sandboxing advanced.
Among its main advantages is that of protecting sensitive information, intellectual property and assets critics of all agencies and public sector enterprises and strategic interest that they use. In its development, the CCN-CERT also thought of preventing damage to the corporate reputation and reduce the economic impact caused by the theft of information. It allows analysts to obtain a complete visibility and aware of the movement of non-legitimate organizations.
A decision support
Carmen focuses on the processing and analysis of trafficking, as well as in the current standard maintenance of persistence or theft of information in the corporate network (lateral movement). Therefore, it acquires the information of and trafficking of outgoing network of the organization monitored, normalizes and stores. In this way can be purchased such information passively or through the reception of records.
Since then, Carmen becomes a solution to support decision making, which allows security analyst find the needle in the haystack and prioritize the elements to look across the entire volume of data acquired. To provide a fuller use, Carmen integrates with other solutions of analysis and exchange as Lucía and Reyes.
Those interested in receiving further information, please contact the CCN-CERT through email de contacto: carmen@ccn-cert.cni.es
