360 Safe Lobster

What is this product

360 Safe Lobster is an advanced network security threat detection and response (NDR) platform. It solves the problem of organizations struggling to identify and respond to sophisticated cyber threats hidden within their network traffic. By analyzing network data, it detects intrusions, malware, and abnormal behaviors that traditional security tools often miss, providing automated investigation and response capabilities to significantly reduce security risks and operational burdens.

Application Scenarios

• Data Center and Cloud Workload Protection: Continuously monitors east-west traffic within data centers or cloud environments (like AWS, Azure) to detect lateral movement and insider threats.
• Critical Infrastructure Security: Used by industries like finance, energy, and government to guard core business networks and sensitive data against advanced persistent threats (APTs).
• Security Operations Center (SOC) Efficiency Enhancement: Serves as a core analysis platform for SOC teams, automating evidence collection and incident analysis to accelerate threat response.
• Post-Breach Investigation: When a security breach is suspected, it can perform retrospective analysis on historical network traffic data to trace the attack chain and assess the impact.

Main Features

• Full Traffic Analysis: Leverages techniques like deep packet inspection (DPI) and network metadata analysis to detect threats across various protocols.
• Advanced Threat Detection: Utilizes threat intelligence, behavioral analysis, and machine learning models to identify malware, ransomware, C2 communication, and anomalous activities.
• Automated Incident Response: Provides automated workflows for evidence gathering, attack chain visualization, and can integrate with other security products (like firewalls) for blocking actions.
• Attack Retrospection: Stores and indexes massive amounts of network traffic data, allowing security teams to search and investigate historical incidents over a long period.
• Visual Attack Analysis: Presents clear visualizations of the attack chain, from the initial entry point to the final target, simplifying complex threat understanding.

Pricing

360 Safe Lobster primarily employs a customized enterprise pricing model. Specific costs depend on factors such as network traffic volume (bandwidth/data), deployment scale, required feature modules, and service support level.

• Free Tier: A free trial is typically offered for a limited period, allowing evaluation of core functionalities. There is no permanently free plan.
• Paid Plans: Formal pricing is negotiated upon request. Enterprises need to contact 360's sales team for a quote based on their specific needs. It is a premium enterprise-grade solution.

FAQ

• How is it different from a traditional firewall? A firewall is primarily a access control device at the network boundary. Safe Lobster focuses on detection and response inside the network, analyzing traffic to find threats that have bypassed perimeter defenses, providing deeper visibility.
• Does it require installing agents on every device? No. It primarily uses network mirroring (span port) or network packet broker (NPB) methods to collect traffic data, requiring no agent installation on endpoints or servers, making deployment relatively lightweight.
• What kind of technical team is needed to operate it? While it automates many tasks, effective operation and analysis typically require personnel with foundational knowledge in network security and SOC operations. The platform itself is designed to reduce the technical burden through automation and visualization.