Advanced Data Loss Prevention
WANVector monitors packet traffic and geolocates that traffic in real-time while comparing the discovered destinations to the CyVectors AI cloud. Geolocated destinations are shown on a world map, while also reporting local port, remote port, remote country, and whether the destination is a known threat according to the AI cloud. Additionally, WANVector records packet traffic, discovered destinations, and destination threat level to a local text log and to Windows Event Logs for the Event Forwarding Agent to send to your SIEM as syslog.
This solution is commonly used to find malware command and control traffic over trusted ports like 443.