EINSTEIN

E97782

EINSTEIN is a U.S. federal intrusion detection and prevention system used to monitor and protect government agency networks from cyber threats.

All labels observed (4)

Label Occurrences
EINSTEIN canonical 1
EINSTEIN 1 1
EINSTEIN 3 Accelerated 1

How this entity was disambiguated

Statements (43)

Predicate Object
instanceOf cybersecurity system
federal intrusion detection and prevention system
appliesTo U.S. federal agencies
surface form: U.S. federal civilian executive branch agencies
associatedWith U.S. federal civilian executive branch cybersecurity programs
basedOn intrusion detection
intrusion prevention
network traffic monitoring
collects network flow data
security-relevant network metadata
country United States of America
surface form: United States
dataType network traffic metadata rather than full content in many deployments
designedFor large-scale federal enterprise networks
developedBy United States Department of Homeland Security
surface form: U.S. Department of Homeland Security
earlierVersionsCapability passive intrusion detection
focus known and identifiable cyber threats
goal enable coordinated federal response to cyber incidents
improve situational awareness of cyber threats to federal networks
hasVersion EINSTEIN self-linksurface differs
surface form: EINSTEIN 1

EINSTEIN 2
EINSTEIN 2
surface form: EINSTEIN 2.0

EINSTEIN 3
EINSTEIN 3
surface form: EINSTEIN 3 Accelerated
laterVersionsCapability automated blocking of known malicious traffic
intrusion prevention
legalFramework U.S. federal cybersecurity policy
limitation primarily signature-based detection
monitors network gateways of participating federal agencies
notTargetUser private sector networks by default
state and local governments by default
operator Cybersecurity and Infrastructure Security Agency
United States Department of Homeland Security
surface form: U.S. Department of Homeland Security
purpose detect cyber threats
monitor U.S. federal civilian agency networks
prevent cyber intrusions
relatedTo Federal Information Security Modernization Act of 2014
surface form: Federal Information Security Modernization Act

National Cybersecurity Protection System
surface form: Trusted Internet Connections initiative
sector federal government cybersecurity
securityDomain network perimeter security
supports federal incident detection
federal incident response coordination
targetUser U.S. federal agencies
surface form: U.S. federal civilian agencies
uses indicators of compromise
known threat signatures

How these facts were elicited

Referenced by (4)

Full triples — surface form annotated when it differs from this entity's canonical label.

National Cybersecurity Protection System relatedTo EINSTEIN
this entity surface form: EINSTEIN 3 Accelerated
EINSTEIN 2 partOf EINSTEIN
this entity surface form: EINSTEIN program
EINSTEIN hasVersion EINSTEIN self-linksurface differs
this entity surface form: EINSTEIN 1