Response and Containment

Proactively monitoring networks and endpoints in real-time, 24/7/365. Gaining valuable insight into an environment and accelerating threat detection, reducing cyber risk with better regulatory and policy compliance.

Phen’s defense method allows you to create a prioritization strategy that avoids the pitfalls of a time-, asset-, or data source-based approach. By thinking like an attacker, you can target assets that are truly at risk (whether or not they are considered “valuable” from a business perspective). Vulnerability-based models fall apart in comparison because they focus on the weakness of the infrastructure without any proof that those weaknesses are of value to an attacker.

Real-time security monitoring is a critical component to combat advanced threats using a wide range of collection and analysis techniques such as, honeypot deployment analysis, security artifact analysis and attacker profile analysis, enabling our team of cyber experts to identify attackers, their victims, methods and intents.

Monitoring also adds an internal layer of protection against cloud threats and insight into external threat vectors. Without monitoring, there is no way to prove who is responsible for an attack, who got in and how to prevent it from happening again.

  • Continuous recording
    • Continuous Endpoint Recording
    • INSTANT Aggregated Threat Intelligence
    • Detection in Real-time
    • Integrated Exploit Mitigation
  • Response & Attack Recovery
    • Immediate Endpoint Isolation
    • Live Endpoint Response
    • Real-time Attack Termination
    • Comprehensive Threat Remediation
    • Rapid Attack Banning


Phen.AI accommodates new assertions and evidence with its existing theories and understanding of the world. Phen’s reasoning engines contain inference modules that enable efficient, scalable inference, drawing conclusions from known facts, answering questions, and solving problems.