TECHNICAL DOCUMENTATION: Out-of-the-box Security Suite (Enginsight)

Date posted: 21-May-2020

Out-of-the-box Security Suite

Using modern technologies in combination with statistical methods and intelligent algorithms, we are revolutionizing the security monitoring of IT systems.

Mario Jandeck, CEO Enginsight

TECHNICAL DOCUMENTATION

Start directly with all relevant security analyses without configuration.


Page 2 | enginsight.com | [email protected]

ABOUT US

Together safe, with our customers

We at Enginsight are excited and looking forward to working with our customers to make the digital world a little safer. Take the first step in a new, exciting and secure direction for your business and get in touch with us.

YOUR CONTACT PERSONS

MARIO JANDECK, Position: CEO
[email protected]

ERIC RANGE, Position: CTO
[email protected]

MAX TARANTIK, Position: CMO
[email protected]

TABLE OF CONTENTS

Enginflow (page 3)
Server & Software Components (page 4)
Technical Architecture (page 5)
Insight Security Analyses (page 6)
Intelligent IT-Monitoring (page 8)
Automation & Alerts (page 9)
Pricing (page 10)
Support (page 12)
Feature Overview (page 13)


THE ENGINFLOW

Enginsight is more than just a tool. Enginsight is a process!

AUTONOMOUS AND INTELLIGENT SYSTEM MONITORING

Enginsight: the innovative IT security solution

With its software platform, Enginsight GmbH offers an integrated solution for monitoring servers, websites, IoT devices and networked machines/production facilities.

Enginsight intuitively combines IT monitoring, cybersecurity and penetration testing, paired with intelligent algorithms (neural networks) that guarantee a maximum of automation.

[Figure: the Enginflow, six steps (01 to 06) arranged around the Enginsight Server API]

01 DISCOVERY (Watchdog, without agent)
Network asset discovery: automatic detection and classification of all devices for each network segment (Windows & Linux devices | VM hosts | IoT devices | IP devices, e.g. printers, routers, switches). Setting up standard health checks such as Ping, Port and SNMP.

02 MONITORING (Pulsar Agent)
LIVE monitoring and data collection on security and availability on a host.

03 EVALUATION
Anomaly detection by neural network (AI) | CVE scanner | Events / alarm system | Deep Packet Inspection | Security scores | Detailed reporting (PDF reports)

04 VISUALIZATION
Interactive map of your entire IT landscape | Immediate detection of dependencies | Manual creation of IT environments possible | Documentation of responsibilities

05 PENETRATION-TEST (Hacktor)
Automated penetration testing | Information retrieval on the basis of defined target groups with the knowledge of the watchdogs | Reproducible security scenarios through standardized audit reports

06 SOLUTION
Enginsight acts pro-actively: Automation through a plugin system | Concrete recommendations for action | Webhooks (push) | Auto updates | Consulting

OBSERVER
LIVE monitoring and data collection on security and availability for an IP/URL.

#enginflow


SERVER AND SOFTWARE COMPONENTS

What's happening in the background

SERVER COMPONENTS

API: Use our powerful API for individual solutions and integration scenarios. All functions of the Enginsight platform can be used via the API. Integrate Enginsight into existing applications or develop your own applications with Enginsight in the backend.

MongoDB: Enginsight uses MongoDB as its central database. The API server and the Profiler communicate directly with the database. We recommend running the database on a separate server.

Profiler: The Profiler is required if autonomous parameterization of server metrics is to be used. It is responsible for calculating the AI profiles.

Additional services: Our microservice architecture includes a number of additional services that can be outsourced to your own servers if required. These include the application service for basic functions such as user management, the UI service for the user interface, and the Sentinel, which provides the alarm system.

SOFTWARE COMPONENTS

Observer

The Observer stands for the "view from outside". It examines which information can be obtained by observing the endpoints (URLs/IPs) from outside, without having internal access to the systems. The Observer permanently monitors an endpoint for security-relevant information and availability. Multiple Observers can be combined to provide a view of one endpoint from different locations.

non-invasive (external) | CVE scanner | Uptime monitor | SSL/TLS check | Port scan | HTTP header analysis | Vulnerability test

Watchdog (Enginflow Step 1)

The Watchdog scans entire network segments (asset discovery): all devices in the network are automatically detected and inventoried. At the same time, it searches for security vulnerabilities and provides standard monitoring via SNMP, ping and port monitoring.

non-invasive (internal) | CVE scanner | Inventory | Health checks (Ping, Port, SNMP)

Pulsar Agent (Enginflow Step 2)

The Pulsar Agent is installed on any device (server, client, IoT, ...). The agent provides all information regarding monitoring and security and can execute commands on the system independently if required.

non-invasive (internal) | SIEM | DPI | CVE scanner | Configuration deficiencies | Uptime monitoring | Process monitoring | Software inventory | AI anomaly detection

Hacktor (Enginflow Step 5)

The Hacktor can be installed in a specific network segment to perform penetration tests on the accessible assets. The following attack targets are possible: entire network segments, IP addresses and endpoints (e.g. URLs).

invasive (!) | Automated penetration test (Intelligence Gathering, Spoofing, Bruteforce, Discovery, DDoS)

[Figure: external view (Observer, non-invasive) and internal view (Watchdog and Pulsar Agent, non-invasive; Hacktor, invasive)]

ON-PREMISE CAPABLE AS DOCKER ENVIRONMENT
ALSO AVAILABLE AS HARDWARE APPLIANCE

Online documentation: https://enginsight.com/docs/


TECHNICAL ARCHITECTURE

Modern structures, high performance

[Figure: technical architecture. The software components (Observer, Watchdog with asset discovery, Pulsar Agent, Hacktor pentester) and the company network communicate over HTTPS with the Enginsight Cloud, which consists of the Server API, MongoDB, the Profiler and the Services: Sentinel, Correspondent (reports), Anomalies, Reporter (scores & CVEs).]

ON-PREMISE READY | CLUSTERABLE | VIRTUAL OR HARDWARE APPLIANCE


INSIGHT SECURITY ANALYSES

All-in-one security insights

SIEM: Analysis of event logs

Event log analyses out-of-the-box, without preconfiguration or special use cases.

• Evaluation of event logs
  • Failed login attempts
  • Successful login attempts
  • System events
  • Process events
  • Group events
• Dynamic log analysis
• Root cause detection (drilldown)
• Flexible dashboards
• Ad hoc search

VULNERABILITY MANAGER: Finding security breaches

All vulnerabilities (CVEs) are managed by a Vulnerability Manager. With the help of dynamic searches, all affected systems of the IT infrastructure can be identified quickly and transparently.

• External CVE scan: Security-relevant information that can be obtained by observing the endpoints (URLs/IPs) from the outside, without having internal access to the systems.
• Internal CVE scan: Security-relevant information that can be obtained by observing the participants within a network segment, without installing agents on the devices.
• CVE scan on hosts: Security-relevant information collected directly on a host (agent installation).
• Configuration deficiencies: Detection of security-relevant configuration deficiencies that make the system vulnerable.

CVE scan and vulnerability search: no software component necessary
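The SIEM items above name the evaluation of failed and successful login attempts without showing what such an evaluation looks like. The following is an added example, not Enginsight code: it parses sshd-style authentication log lines (the format is an assumption; the lines are constructed) and flags a source that fails repeatedly inside a short window, escalating when the same source then logs in successfully.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (not from the page or any real system).
SAMPLE_LOG = """\
2020-05-21T10:00:01 host1 sshd[101]: Failed password for root from 198.51.100.7 port 50001 ssh2
2020-05-21T10:00:03 host1 sshd[102]: Failed password for root from 198.51.100.7 port 50002 ssh2
2020-05-21T10:00:04 host1 sshd[103]: Failed password for admin from 198.51.100.7 port 50003 ssh2
2020-05-21T10:00:06 host1 sshd[104]: Failed password for admin from 198.51.100.7 port 50004 ssh2
2020-05-21T10:00:08 host1 sshd[105]: Failed password for backup from 198.51.100.7 port 50005 ssh2
2020-05-21T10:00:09 host1 sshd[106]: Accepted password for backup from 198.51.100.7 port 50006 ssh2
2020-05-21T10:05:00 host1 sshd[107]: Failed password for alice from 192.0.2.10 port 40001 ssh2
2020-05-21T10:05:20 host1 sshd[108]: Accepted password for alice from 192.0.2.10 port 40002 ssh2
"""

# sshd-style line (assumed format): timestamp, host, result, user, source IP.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse_events(text):
    """Turn log lines into (timestamp, host, result, user, src) tuples; skip lines that do not match."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append((datetime.fromisoformat(m["ts"]), m["host"], m["result"], m["user"], m["src"]))
    return events


def detect_bruteforce(events, max_failures=4, window_s=60):
    """
    Flag a source that produces more than max_failures failed logins within
    window_s seconds (thresholds are assumptions for this example). If the same
    source then logs in successfully, escalate: that looks like a guessed
    credential rather than a user mistyping a password.
    """
    failures = defaultdict(list)  # src -> timestamps of recent failed attempts
    findings = {}                 # src -> "bruteforce" or "bruteforce+success"
    for ts, host, result, user, src in sorted(events):
        if result == "Failed":
            recent = [t for t in failures[src] if (ts - t).total_seconds() <= window_s]
            recent.append(ts)
            failures[src] = recent
            if len(recent) > max_failures:
                findings.setdefault(src, "bruteforce")
        elif result == "Accepted" and src in findings:
            findings[src] = "bruteforce+success"
    return findings


if __name__ == "__main__":
    for src, verdict in detect_bruteforce(parse_events(SAMPLE_LOG)).items():
        print(src, verdict)
```

The single failure from 192.0.2.10 followed by a success stays below the threshold and is not reported, which is the behaviour a false-positive-averse SIEM rule needs.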


NETWORK TRAFFIC: Detection of network attacks

• ARP spoofing
• DNS spoofing
• IP spoofing
• MAC spoofing
• Port scan
• SYN flooding
• Hidden services (Tor, proxies, ...)
• Ping of death
• Blacklisted IPs (well-known attack IPs)
• Remote code execution
• Cross-site scripting
• SQL injection
• Path traversal
• Fake browser activity
• Spam bots

PENTESTING: Automated attack scenarios

Automated, plannable execution of a standardized penetration test including detailed reporting.

• Intelligence gathering: Information retrieval before an attack, e.g. which system, which version, ports, services, etc.
• Discovery: Our web-based discovery searches for suspect accessible files such as server configuration elements, index files, HTTP server options, etc. and attempts to identify installed web servers and software.
• Spoofing: TCP sequence prediction & IP-ID sequence prediction: attack method in IP networks to simulate a different sender for the victim (IP spoofing) or to take over existing connections.
• Bruteforce: ssh, ftp, telnet, etc.
• DDoS: passive DDoS attack as part of the Discovery to verify server stability

The detection scenarios in network traffic as well as the attack possibilities of the automated penetration test are continuously expanded and adapted to the current requirements.

Hacktor (Pentester): necessary software component
No software component necessary

For each pentest you will receive a meaningful audit report. You see at a glance where action is needed.

By using templates, you can repeat pentests once they have been defined to verify the measures taken.

An AI-supported procedure also detects whether personal data leaves the host unencrypted.


INTELLIGENT IT-MONITORING

ENGINSIGHT NEXT™: Anomaly detection with neural networks | MONITORING: Custom metrics and health checks

IT-MONITORING

Monitoring data autonomously requires a basic understanding of that data, and this understanding can be mapped by a neural network. This is exactly what modern IT needs in order to deal effectively with the mass of data. Through AI-supported monitoring of any metric, it is possible to automatically detect anomalies and derive forecasts based on normal behaviour.

• Website monitoring: Monitoring of website uptime & performance
• Location-based monitoring: Use our predefined or your own locations to monitor the accessibility of your website from different locations.
• Host/server monitoring: Use Enginsight to monitor any Windows® and Linux®-based host. Monitor standard metrics like CPU, RAM and swap.
• Custom metrics: Using a standardized format, any metrics can be recorded, visualized and monitored, e.g. DB requests per minute, HTTP errors or visitors to your website. All data that can be displayed in chronological order can be recorded.
• Ping, Port, SNMP: Unlimited health checks for all network devices
• Process & service monitoring: Monitor all running processes and services. Together with the innovative alarm system of the Enginsight platform, you can react automatically to failures.
• Eliminate manual tasks: The neural network independently takes over the parameterization for monitoring the metrics, such as CPU utilization, database sessions, HTTP errors, etc., so that repetitive tasks on the part of the administrators are eliminated and the quality of monitoring increases.
• Reducing false positives: Due to the self-learning system, the admin is only informed in case of an anomaly, which reduces false alarms.
• Unencrypted personal data: Enginsight NEXT™ detects when personal data leaves the network unencrypted.
• Automated OS detection

WHY HASN'T ANYONE DONE THIS BEFORE?

Forecasting with neural nets is computationally very demanding, especially if the net is trained extensively. An error (difference) vector is calculated from a large number of runs and used as the basis for correction in the next input. Neural networks therefore require a very high computational effort: the analysis of an individual metric takes several minutes, which is too slow for practical application compared with time series analyses.

But: We manage to calculate a metric within 2 minutes (see Metric Calculation). Thus the operation of our platform including the AI is already possible on a commercially available single-core PC.
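The training loop described above (error vector computed over many runs, used to correct the next input; anomalies as deviations from forecast normal behaviour) reduced to its smallest working form. This is an added example and not Enginsight's NEXT model or code: a single linear neuron forecasts a metric from its previous LAGS values; LAGS, the learning rate, the 6-sigma band and the constructed CPU-utilisation series are assumptions of this example.

```python
import math
import random

LAGS = 4  # how many past samples the neuron sees (assumption for this example)


def make_metric(periods, seed=7, spike_at=None, spike=0.5):
    """Constructed CPU-utilisation series (fraction of 1): a repeating 4-step
    load pattern plus small deterministic noise, optionally with one spike."""
    rng = random.Random(seed)
    pattern = [0.20, 0.30, 0.50, 0.30]
    xs = [pattern[i % 4] + rng.uniform(-0.01, 0.01) for i in range(periods * 4)]
    if spike_at is not None:
        xs[spike_at] += spike
    return xs


def predict(w, b, history):
    """Linear neuron: forecast = bias + weighted sum of the last LAGS values."""
    return b + sum(wi * xi for wi, xi in zip(w, history))


def train(xs, runs=300, lr=0.1):
    """Online gradient descent: the error on each sample corrects the weights
    before the next input is presented; 'runs' is the number of passes."""
    w, b = [0.0] * LAGS, 0.0
    for _ in range(runs):
        for t in range(LAGS, len(xs)):
            hist = xs[t - LAGS:t]
            err = predict(w, b, hist) - xs[t]          # the error term of this run
            w = [wi - lr * err * xi for wi, xi in zip(w, hist)]
            b -= lr * err
    return w, b


def residuals(w, b, xs):
    """Actual minus forecast for every sample that has a full history."""
    return [xs[t] - predict(w, b, xs[t - LAGS:t]) for t in range(LAGS, len(xs))]


def anomaly_band(w, b, normal_xs, k=6.0):
    """Residual magnitude beyond which a sample counts as an anomaly:
    k standard deviations of the residuals seen on known-normal data."""
    r = residuals(w, b, normal_xs)
    mean = sum(r) / len(r)
    std = math.sqrt(sum((x - mean) ** 2 for x in r) / len(r))
    return k * std


def find_anomalies(w, b, band, xs):
    """Indices into xs whose forecast error exceeds the band."""
    r = residuals(w, b, xs)
    return [t + LAGS for t, e in enumerate(r) if abs(e) > band]


def demo():
    normal = make_metric(periods=40)                      # 160 samples of normal behaviour
    w, b = train(normal)                                  # learn the profile
    band = anomaly_band(w, b, normal)                     # what "normal" deviation is
    live = make_metric(periods=6, seed=11, spike_at=13)   # new data with one spike at index 13
    return find_anomalies(w, b, band, live)


if __name__ == "__main__":
    print("anomalous sample indices:", demo())
```

Samples immediately after the spike are also reported, because the spike now sits in their input window; a production detector would suppress such echoes or treat them as one incident.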


AUTOMATION AND ALERTS

PLUGIN SYSTEM: Automated tasks and problem solver | ALERTS: Extensive alarm system

ALARM & PLUGINS

The plugin system is one of the most powerful tools of Enginsight. Almost all scenarios are conceivable and executable on servers, clients and IoT devices, e.g.:

• Backups
• Blocking stolen devices
• Uninstalling unauthorized software
• Blocking attacks

• Easy cross-device alarms with tags: Using tags, you only need to create one alarm to monitor multiple devices.
• Pre-defined alarm scenarios: Pre-defined alarm scenarios, which are constantly being expanded, save you manual configuration.
• Quick alerts: You can easily add an alarm at almost any point in the software with one click.
• Chat integration: Slack, Mattermost, Microsoft Teams
• Webhooks: Use webhooks to push alarms into a third-party system, e.g. a ticket system.
• Resolve alarms: If a problem has been fixed, e.g. by a plugin, you will be informed about it.
• Automate configuration: Roll out configurations (e.g. SSL/TLS) to all hosts/servers or devices simultaneously, or have configurations automatically imported to new network devices.
• Run actions in case of alarm: Due to the self-learning system, the admin is only informed in case of an anomaly, which reduces false alarms.
• Cronjobs: Schedule the execution of your plugins using cronjobs.
• Unlimited possibilities: With the help of Python, Bash or PowerShell there are no limits to your creativity.

MAINTENANCE WORK AND EMERGENCY MANAGEMENT

In hazardous situations, action must be taken quickly, and even in an emergency, system operation should not come to a complete standstill. Incidentally, the GDPR sees it the same way: Article 32 introduces the new protection objective of "resilience" for systems that process personal data.

A plugin can be written that, when the system is in a critical condition, automatically creates a backup and stores it on a server. Alternatively, a plugin could be imagined which would automatically restore the last backup on the system when malware (e.g. an encryption trojan) is detected.


PRICING

Cost-effective & transparent

YOU ONLY PAY FOR AN AGENT INSTALLATION OR THE MONITORING OF AN ENDPOINT (ASSET)

Asset = URL, IP, device, server, IoT device, machine

Network asset discovery, monitoring via ping, port and SNMP, penetration testing and the visualization of your infrastructure are completely free. Only for more in-depth monitoring of your devices, URLs and IPs is an asset necessary. So you always have full cost control. The prices per asset are reduced according to purchase quantity and contract duration:

• Price (SaaS): € 15.89 / asset
• Price (on-premise): € 7.64 / asset

[Figure: the Enginflow steps, each labelled FREE, ASSET REQUIRED or INCLUDED IN THE ASSET]


SAAS PRICING

Package | BASIC | PREMIUM | PROFESSIONAL
Assets inclusive | 5 | 20 | 50
SMS alerts | 5 | 20 | 50
Price per month | € 74,95 | € 359,80 | € 999,50
Price per year, payment method monthly | € 899,40 | € 4.317,60 | € 11.994,00
Price per year, payment method annually | € 809,46 | € 3.885,84 | € 10.794,60

[Table: package comparison; which package includes which feature is marked by check marks that did not survive extraction.] Feature rows: Cybersecurity Suite, Security Audit, Automated Pentesting, Unlimited SNMP Sensors, Unlimited Port-/Healthchecks, Workflow Automation, IT Monitoring, IT Management, Multi Client, Unlimited Users, Basic Support Package, Vulnerability Manager, Slack/Microsoft Teams/Mattermost Integration, PDF Reporting, Managed Onboarding, Individual MIBs, API Access.

ON-PREMISE

Would you like an individual offer to monitor a larger IT environment or to use Enginsight on-premises? We offer our on-premise edition as a one-time license purchase or as an annual rental model. Prices are based on the number of assets you need. Just contact us. We are happy to help!


SUPPORT PACKAGES

BASIC: 0,00 per month | PREMIUM: 199,99 per month | PROFESSIONAL: 399,99 per month

Number of support users (authorized contact persons): 1; 2; 10
Enginsight Knowledge Base: online access to the Knowledge Base
Software updates: regular free software updates
E-mail support: inquiries to [email protected]
Reaction time (during the service hours 9 to 18 o'clock): 48 h; 16 h; 4 h
Support hotline: during the service hours 9 to 18 o'clock
Inquiries by phone (number of calls per month): 10 per month; 40 per month
Remote support: remote maintenance via TeamViewer
Individual training (per month): 1 h; 2 h
Managed onboarding (joint creation of your account): 1 h; 2 h
Prioritized ticket processing: processing with high priority
Live support chat: exclusive Mattermost channel
Minimum contract period: 1 month or more; 3 months or more

(Values separated by semicolons are listed in the order of the packages as given in the original table.)

You want some more? We offer special support packages and training concepts for our Enginsight customers.


FEATURES: Management & Pentesting (out-of-the-box)

General
• Multi-client capability
• User roles
• Unlimited users
• Global search
• Integrated alarm system
• Webhooks for alarms and
• Documentation of
• PDF reporting
• API access

IT-Management
• Certificate manager
• Plugin system for automation
• IT maps
• Individual dashboards
• Dependency analyses
• Patch management (Linux)
• Cron jobs
• Threat manager

Asset Discovery
• Acquisition of all devices in a network segment
• Classification of equipment
• Continuous scan for new devices
• Acquisition of services (Mail/Web/AD/etc.)
• Scan of any number of network segments
• Visualization of all found devices

Security Audit / Pentest
• Security audit reports
• Automated penetration testing
• Templates for standardized audits
• Definition of target groups
• Operation of any number of pentesters


FEATURES: The view from the inside

An agent installation is required for complete internal monitoring, except for the services marked with *. Agent installation on device = paid asset.

Cybersecurity
• Security analyses for Linux-based systems
• Security analyses for Windows-based systems
• Determination of a risk score
• Recommendations for action
• Finding security-relevant configuration deficiencies
• Finding vulnerabilities (OS and third party)
• Classification of vulnerabilities incl. CVSS scoring
• Scan of Docker containers directly in the CI process
• Deep Packet Inspection (DPI)
• Detection of DDoS attacks
• Detection of bruteforce attacks
• Detection of man-in-the-middle scenarios
• Detection of bot activity
• Detection of unencrypted personal data in network traffic
• Classification of attacks by type and origin
• Finding security updates
• Finding unauthorized software installations
• Installing updates (Linux only)
• Installation of automated actions in case of alarm
• Support for x86
• Support for ARM

IT-Monitoring
• Server monitoring
• Software monitoring
• Process monitoring
• Network monitoring
• Health checks*
• SNMP, ping, port monitoring*
• IoT monitoring
• Recommendations for action
• Individual MIBs
• AI-supported availability monitoring
• Automated rule creation
• AI-supported evaluation of individual metrics


FEATURES: The view from the outside

No installation is required for monitoring from outside.* Simply enter a URL or IP address, and in a few seconds the security analysis and LIVE monitoring will start.

*URL or IP address = paid asset

Web Security/Monitoring
• Security scoring
• Analysis of HTTP headers
• SSL/TLS validation according to BSI specifications
• SSL/TLS validation according to the GDPR
• SSL/TLS security analysis
• Certificate monitoring
• CVE scanner
• Penetration tests (OWASP)
• Finding configuration defects
• Extended port scan
• Scan for unknown malware
• Uptime monitoring
• Loading time monitoring
• Redirect monitoring
• Transactional analysis
• Various locations
• Individual locations


Never before has it been so easy to monitor entire IT infrastructures and protect them against cyber attacks. Enginsight is based on the latest technologies and offers maximum automation. Convince yourself of the enormous performance and the comprehensive feature set.

Any questions? We are happy to help!

FYI

Enginsight GmbH
Hans-Knöll-Straße 6
07745 Jena

+49 (0)3641 271 49
[email protected]

County Court Jena, HRB 512808
VAT ID: DE313919553
Tax ID: 162/153/74606

YOUR PERSONAL CONTACT
Mr. Mario Jandeck, CEO, Enginsight

