
GREYCORTEX Mendel provides you with deep network visibility
Using the most advanced detection techniques available, Mendel protects you from any known and unknown cyber security threats your network is exposed to. By detecting threats and vulnerabilities as they occur, using AI and machine learning, Mendel stops attacks quickly, saving you time and money and helping you uncover and avoid any potential network issues. Mendel, a network detection and response tool, also fills the gaps left by both legacy and modern IDS/IPS solutions in your IT and industrial networks.
Visualizes
All Network
Communication
Gain a complete and actionable overview of all network communication, devices, and user behavior
Detects
and Prevents Security Threats Early
Receive immediate alerts of any malware, ransomware, RATs, zero-days, and performance issues
Responds
Automatically to Any Incidents
Leverage powerful automated and manual threat blocking, and incident management technology
Also Valued by Our Customers
Visualize industrial devices and equipment with OT Network Monitoring. Improve workflow performance and discover performance problems using Mendel’s Application and Performance Monitoring feature. Plus, thanks to Asset Inventory, keep all your network assets under control.
Solving
the Everyday Challenges of Your Network Security Team!
GREYCORTEX Mendel helps secure your network, protecting data, reducing risk, and maintaining safety, whenever and wherever you need it.
Why Our Customers Love Us









"With GREYORTEX Mendel we are much more secure, and can do the work of three people, and all in-house. We're very happy to have it."
IT Manager

"GREYORTEX Mendel helped us immensely. We have really strengthened our security posture and are very happy with the results."
IT Operations Manager

"We originally installed GREYORTEX Mendel as a short-team solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years."
ICT Director

"When it comes to usability, Mendel's interface was designed to be highly intuitive so that even a beginner could use it effectively."
System Management Section Chief
Overview
Detecting attacks and other security incidents is essential when protecting your business’s reputation, revenue and sales opportunities. Cybercriminals often hide from traditional security solutions buried within your network traffic, but finding these attacks is an enormous challenge for information security teams.
GREYCORTEX Mendel is a network detection and response tool that visualizes your network communication within all connected devices. It analyses the network traffic and detects malicious activities and advanced threats. It enables your system analysts to investigate operational and security events, to find their root cause, and to respond and mitigate them, quickly and effectively.
Key Benefits
Integrated tool for security management and cooperation
– Prevent breaches and data leaks
– Visualize everything and anything
– Increase the value of your SIEM
– Stop attacks easily
– Monitor IT and OT networks
– Control with ease via intuitive UI
See Everything & Anything
Powerful Auditing Tool
Quickly and easily filter, sort and search months of data history
Easy Root-Cause Analysis
Full network behavior of users, devices, applications, etc.
Fast Threat Hunting
Security and operational events with full network behavior and context
Detect Attacks in Early Stages
Security Breaches
Compromised devices, ransomware, trojans, botnets, data leak attempts etc.
Security Risks and Policy Breaches
Violations of ISO27000, PCI DSS, GDPR, best practices and other internal policies, miscongifurations etc.
Unusual Behavior
Unusual data transfers and user behavior, network and application performance issues etc.
Stop Attacks
Easily
Automated Attack Response
Through integration with other security infrastructure including SIEM, Firewall, NAC, …
Incident Investigation & Forensics
Investigation in months of history takes minutes instead of hours
Incident Management
Government
National and regional institutions face continuous threats coming from state-sponsored or organized cybercrime groups and random attacks. These institutions need to comply with the latest security regulations, however, many suffer from a lack of personnel and financial resources. Forensic analysis is also important for future security policy settings.
With GREYCORTEX Mendel security teams know what is happening inside their networks and can react immediately. Smaller teams can benefit from GREYCORTEX security managed services to secure the uninterrupted operation of their organization. Mendel has been successfully deployed and highly valued by many central and regional authorities, including national security authorities.
"At Hyogo prefecture Government office, we choose the Network Traffic Analyzer Mendel to strengthen our defense in depth security strategy. Furthermore, when considering the current shortage of security resources, Mendel is also an extremely advantageous security solution for companies that don't have enough security personnel since it can be used effectively even by an unexperienced security manager. Given its cost-performance ratio, I believe Mendel is an extremely impressive security solution."
Tsugawa Seiji,
System Mgt Section Chief in Kobe Prefecture Planning Dept. of IT Planning Div.
Critical Infrastructure
More and more industrial devices and equipment depend on an Internet connection, and industrial networks form an integral part of IT networks. However, loT devices and cloud services create new security gaps that make critical networks harder to protect. Securing both IT and industrial networks is challenging for the internal team, who now has to ensure the stability and uninterrupted operation of industrial equipment. Therefore, it requires a complex tool that can fit the needs of both networks and be managed by IT and OT specialists. GREYCORTEX Mendel deploys fast and passively, without an influence on network performance, and helps save financial and human resources.
"We originally installed GREYCORTEX Mendel as a short-term solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years. It has helped us secure our network and identify risks much more quickly than we expected. The managed service implementation we are using is very helpful for us because it increases security and keeps costs at a reasonable level."
Michal Jukl,
ICT Director in Technical Networks Brno
Justice/Legal
Keeping data confidential and maintaining client trust are vital for a successful state justice organization or private law firm. These organizations have become the target of many cybersecurity attacks aiming to steal confidential information to sell on the black market or extort money to restore data. Employees accessing confidential data remotely or using their own devices complicate the work of the IT security team who additionally need to ensure compliance with the latest government regulations. By preventing attacks before they cause damage, the network detection and response tool helps protect client data and maintain the business's reputation.
"At Kocián, Šolc and Balaštík, we take our clients' needs very seriously. From the smallest to the largest, all of our clients rely on us to maintain the confidence of the matters in which we represent them. We know that hackers are becoming more and more sophisticated, and that law firms are increasingly targeted. But with GREYCORTEX Mendel implemented in our network, we are able to defend ourselves much more effectively than before, and maintain crucial client confidence and our peace of mind."
Kocián,
Šolc and Balaštík
Healthcare
Healthcare systems are a huge complex of modern medical equipment and operating systems that helps treat and save people's lives, making them an ideal target for cybercriminals. The combination of IT, IoT and OT devices means security is a challenge and requires significant financial and staff costs. Plus, many devices use outdated operating systems, often with open access to the Internet, creating a major security risk. Traditional tools struggle to monitor medical or personal devices and cannot detect modern threats like ransomware or hacking. It is vital to have a security solution that provides full visibility of all users, devices and their activities, helping even smaller internal teams identify, analyze and stop attacks.
"We were really surprised by GREYCORTEX Mendel. We thought we would see what happened after the free 30 day trial but ended up choosing it because it allowed our team to solve a huge amount of the issues we had been having immediately, without the expensive and lengthy search for new members of the team."
CIO,
a medium-sized hospital in the CEE region
GREYCORTEX Mendel 4.0
We have released a new version of GREYCORTEX Mendel
GREYCORTEX Mendel 4.0 brings a new view of security and risks that individual subnets and hosts bring, advanced NetFlow processing and integration with other tools and security platforms.
New Network Inventory Module
Find out at a glance where in the network the problem is located
We’ve created a new view across your data that combines visibility and detection. The first time you open the new Network Inventory module, you’ll see basic information about your network, subnets and hosts, including any associated risks.
You can view your data in a filterable table or a scalable graphical interpretation.


Automated Queries from Other Tools via a New API Extension
Use Mendel as a source of quality security information
In the third extension of Mendel’s API, you can actively retrieve and manage user-defined detected events, IDS and log signatures (including variables), and malicious domains. This especially simplifies the work of larger cybersecurity teams that also use other cybersecurity systems (such as SIEMs) in their work.
Integration with the MISP Threat Intelligence Platform
Get more information about threats from publicly available sources
We bring universal native support for connecting to any MISP feed. Through this, we have laid the foundation for a new Threat Intelligence engine in Mendel that provides support for user integration with large-scale TI resources.


Community ID Support
See the same data easily across cybersecurity tools
In version 4.0, GREYCORTEX introduces the Community ID standard in its flows. This saves the work of security analysts and specialists working with multiple tools and, therefore, multiple cybersecurity datasets.
User-defined Rules for Log Processing
Customize log processing rules for your infrastructure
In addition to automated and preconfigured rules, Mendel 4.0 can receive any logs, evaluate them, process them and create events exactly according to your needs. In particular, internal security teams and secure ICT service providers have enhanced capabilities for accurate threat detection.


Easy User Identification
Save time tracking down users of individual devices on your network
Mendel links user identity information from external logs to detected events. For events, you can immediately see the user information of a given IP address and eliminate the need to trace who used it at a given time.
NetFlow Processing of up to 50 Gbit Traffic
Monitor large-scale networks with NetFlow
Mendel 4.0 can process NetFlow from up to one thousand sources, up to 50 Gbit of original network traffic and can leverage new metrics and application data for processing.

Overview
Detecting attacks and other security incidents is essential when protecting your business’s reputation, revenue and sales opportunities. Cybercriminals often hide from traditional security solutions buried within your network traffic, but finding these attacks is an enormous challenge for information security teams.
GREYCORTEX Mendel is a network detection and response tool that visualizes your network communication within all connected devices. It analyses the network traffic and detects malicious activities and advanced threats. It enables your system analysts to investigate operational and security events, to find their root cause, and to respond and mitigate them, quickly and effectively.
Key Benefits
Integrated tool for security management and cooperation
– Prevent breaches and data leaks
– Visualize everything and anything
– Increase the value of your SIEM
– Stop attacks easily
– Monitor IT and OT networks
– Control with ease via intuitive UI
See Everything & Anything
Powerful Auditing Tool
Quickly and easily filter, sort and search months of data history
Easy Root-Cause Analysis
Full network behavior of users, devices, applications, etc.
Fast Threat Hunting
Security and operational events with full network behavior and context
Detect Attacks in Early Stages
Security Breaches
Compromised devices, ransomware, trojans, botnets, data leak attempts etc.
Security Risks and Policy Breaches
Violations of ISO27000, PCI DSS, GDPR, best practices and other internal policies, miscongifurations etc.
Unusual Behavior
Unusual data transfers and user behavior, network and application performance issues etc.
Stop Attacks
Easily
Automated Attack Response
Through integration with other security infrastructure including SIEM, Firewall, NAC, …
Incident Investigation & Forensics
Investigation in months of history takes minutes instead of hours
Incident Management
Government
National and regional institutions face continuous threats coming from state-sponsored or organized cybercrime groups and random attacks. These institutions need to comply with the latest security regulations, however, many suffer from a lack of personnel and financial resources. Forensic analysis is also important for future security policy settings.
With GREYCORTEX Mendel security teams know what is happening inside their networks and can react immediately. Smaller teams can benefit from GREYCORTEX security managed services to secure the uninterrupted operation of their organization. Mendel has been successfully deployed and highly valued by many central and regional authorities, including national security authorities.
“At Hyogo prefecture Government office, we choose the Network Traffic Analyzer Mendel to strengthen our defense in depth security strategy. Furthermore, when considering the current shortage of security resources, Mendel is also an extremely advantageous security solution for companies that don’t have enough security personnel since it can be used effectively even by an unexperienced security manager. Given its cost-performance ratio, I believe Mendel is an extremely impressive security solution.”
Tsugawa Seiji,
System Mgt Section Chief in Kobe Prefecture Planning Dept. of IT Planning Div.
Critical Infrastructure
More and more industrial devices and equipment depend on an Internet connection, and industrial networks form an integral part of IT networks. However, loT devices and cloud services create new security gaps that make critical networks harder to protect. Securing both IT and industrial networks is challenging for the internal team, who now has to ensure the stability and uninterrupted operation of industrial equipment. Therefore, it requires a complex tool that can fit the needs of both networks and be managed by IT and OT specialists. GREYCORTEX Mendel deploys fast and passively, without an influence on network performance, and helps save financial and human resources.
“We originally installed GREYCORTEX Mendel as a short-term solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years. It has helped us secure our network and identify risks much more quickly than we expected. The managed service implementation we are using is very helpful for us because it increases security and keeps costs at a reasonable level.”
Michal Jukl,
ICT Director in Technical Networks Brno
Justice/Legal
Keeping data confidential and maintaining client trust are vital for a successful state justice organization or private law firm. These organizations have become the target of many cybersecurity attacks aiming to steal confidential information to sell on the black market or extort money to restore data. Employees accessing confidential data remotely or using their own devices complicate the work of the IT security team who additionally need to ensure compliance with the latest government regulations. By preventing attacks before they cause damage, the network detection and response tool helps protect client data and maintain the business’s reputation.
“At Kocián, Šolc and Balaštík, we take our clients’ needs very seriously. From the smallest to the largest, all of our clients rely on us to maintain the confidence of the matters in which we represent them. We know that hackers are becoming more and more sophisticated, and that law firms are increasingly targeted. But with GREYCORTEX Mendel implemented in our network, we are able to defend ourselves much more effectively than before, and maintain crucial client confidence and our peace of mind.”
Kocián,
Šolc and Balaštík
Healthcare
Healthcare systems are a huge complex of modern medical equipment and operating systems that helps treat and save people’s lives, making them an ideal target for cybercriminals. The combination of IT, IoT and OT devices means security is a challenge and requires significant financial and staff costs. Plus, many devices use outdated operating systems, often with open access to the Internet, creating a major security risk. Traditional tools struggle to monitor medical or personal devices and cannot detect modern threats like ransomware or hacking. It is vital to have a security solution that provides full visibility of all users, devices and their activities, helping even smaller internal teams identify, analyze and stop attacks.
“We were really surprised by GREYCORTEX Mendel. We thought we would see what happened after the free 30 day trial but ended up choosing it because it allowed our team to solve a huge amount of the issues we had been having immediately, without the expensive and lengthy search for new members of the team.”
CIO,
a medium-sized hospital in the CEE region
GREYCORTEX Mendel 4.0
We have released a new version of GREYCORTEX Mendel
GREYCORTEX Mendel 4.0 brings a new view of security and risks that individual subnets and hosts bring, advanced NetFlow processing and integration with other tools and security platforms.
New Network Inventory Module
Find out at a glance where in the network the problem is located
We’ve created a new view across your data that combines visibility and detection. The first time you open the new Network Inventory module, you’ll see basic information about your network, subnets and hosts, including any associated risks.
You can view your data in a filterable table or a scalable graphical interpretation.


Automated Queries from Other Tools via a New API Extension
Use Mendel as a source of quality security information
In the third extension of Mendel’s API, you can actively retrieve and manage user-defined detected events, IDS and log signatures (including variables), and malicious domains. This especially simplifies the work of larger cybersecurity teams that also use other cybersecurity systems (such as SIEMs) in their work.
Integration with the MISP Threat Intelligence Platform
Get more information about threats from publicly available sources
We bring universal native support for connecting to any MISP feed. Through this, we have laid the foundation for a new Threat Intelligence engine in Mendel that provides support for user integration with large-scale TI resources.


Community ID Support
See the same data easily across cybersecurity tools
In version 4.0, GREYCORTEX introduces the Community ID standard in its flows. This saves the work of security analysts and specialists working with multiple tools and, therefore, multiple cybersecurity datasets.
User-defined Rules for Log Processing
Customize log processing rules for your infrastructure
In addition to automated and preconfigured rules, Mendel 4.0 can receive any logs, evaluate them, process them and create events exactly according to your needs. In particular, internal security teams and secure ICT service providers have enhanced capabilities for accurate threat detection.


Easy User Identification
Save time tracking down users of individual devices on your network
Mendel links user identity information from external logs to detected events. For events, you can immediately see the user information of a given IP address and eliminate the need to trace who used it at a given time.
NetFlow Processing of up to 50 Gbit Traffic
Monitor large-scale networks with NetFlow
Mendel 4.0 can process NetFlow from up to one thousand sources, up to 50 Gbit of original network traffic and can leverage new metrics and application data for processing.

Beyond State-of-the-Art Technology
In the increasingly complex world of IT and industrial networks, we cannot rely solely on pre-set rules, baselines and tools to identify both known and, as yet, unknown threats. That’s why we invest considerable resources into our technology, innovation and research.
For us, artificial intelligence (AI) is not just an empty marketing buzzword, but is a powerful tool that provides our product with the extremely important ability to protect our users against new and highly sophisticated threats. Additionally, we do not think of machine learning as a self-serving operation, but as an essential ally for the teams that take care of the security and full functionality of the networks and infrastructures of our customers.
When it comes to research, we do not look at it merely as a formulaic element of our company’s presentation, but the only possible way forward in the ongoing fight against cyber threats. The best technology is created by the best people.

Visibility
GREYCORTEX Mendel provides you with the ability to visualize every device in your network in real time, so you can see exactly what devices are in the network – including with whom they are communicating, when, how much data they are sending and receiving, on what protocol, including its metadata, meaning that, thanks to our solution, security and operational events finally come with full and detailed context, user identities and any related threat intelligence.
But it doesn’t end there because Mendel takes this visualization a step further. With advanced filtering, combining more than 25 parameters, using logic operators, every device can not only be seen, but its communications on the network can also be thoroughly investigated, making root cause analysis, threat hunting, and network troubleshooting a breeze.

Detection
GREYCORTEX Mendel uses network detection and response to analyze and detect advanced, unknown attacks (APTs) infecting other devices, downloading Torrents, scanning for open ports, or communicating with the command and control server across your entire network in real-time. These actions create communications traffic within the network that is anomalous to “normal” network traffic.
Mendel consists of several cutting-edge technologies and detection engines:
- Intrusion Detection System (IDS)
- Deep Packet Inspection (DPI)
- Network Behavior Analysis (NBA) based on Artificial Intelligence
- Encrypted Traffic Analysis
- Network and Application Performance Monitoring (NPM, APM)
- Event Correlation (EC)
- Risk Assessment (RA)Intrusion Detection System (IDS)
Deep Packet Inspection (DPI)
Network Behavior Analysis (NBA) based on Artificial Intelligence
Encrypted Traffic Analysis
Network and Application Performance Monitoring (NPM, APM)
Event Correlation (EC)
Risk Assessment (RA)%MCEPASTEBIN%


Response
Risk and correlation analysis combines several detected events together into a single incident and assesses the risk ratings of your network, subnets, hosts, and services. Incident management features allow several analysts to work on an issue at the same time, or balance the workload within the team.
For those working with SIEM systems, GREYCORTEX Mendel can export flow data and events to the SIEM for further investigation. Analysts can also return from the SIEM to GREYCORTEX Mendel using just one click for more details.
Mendel integrates with the security tools that are already in your network, like firewalls, access control systems, and other active security tools, so you can respond to attacks, conduct investigations, manage all incidents, and block any malicious communications from a single interface.

OT — SCADA/ICS
Our solution learns the patterns of your typical network behavior and adapts its model to the current hour of the day and week, detecting who is communicating with whom, when, and with what time frequency, also including the commands, data variables, and their values.
By creating behavior models for all physical and logical devices and equipment, including every station, service, and communication channel between devices in the OT network, Mendel can detect all anomalies. At the same time, it combines specific signatures for the detection of known threats and our detection signatures to identify approximately 300 types of industrial and critical infrastructure attacks on the most commonly used OT protocols.

Research
GREYCORTEX Mendel is based on 10 years of extensive academic and industrial research, and designed using the same technology that has proved successful in multiple NIST Challenges. GREYCORTEX partners with leading research institutions worldwide in the fields of artificial intelligence, machine learning, and cybersecurity for both IT and industrial environments to ensure we provide the most up-to-date and powerful technology available on the market.
Our research interests lie in cybersecurity for IT and OT networks, such as SCADA, IoT, industrial, medical, transport, and wireless technologies that do not have end-point protection (antivirus), applying the techniques of machine learning and, especially, anomaly detection.
File Type | File Name | Download | Share |
---|---|---|---|
Product Catalog | Greycortex Product Overview(PDF) | ||
Case Study | Kiwi | ||
Case Study | HiLASE | ||
Case Study | Kocian Solc Balastik | ||
Case Study | Hyogo Prefecture | ||
Case Study | Regional Medical Facility | ||
Case Study | EU financial corrections | ||
Case Study | Karel Englis College |
Date
Title
GREYCORTEX Mendel provides you with deep network visibility
Using the most advanced detection techniques available, Mendel protects you from any known and unknown cyber security threats your network is exposed to. By detecting threats and vulnerabilities as they occur, using AI and machine learning, Mendel stops attacks quickly, saving you time and money and helping you uncover and avoid any potential network issues. Mendel, a network detection and response tool, also fills the gaps left by both legacy and modern IDS/IPS solutions in your IT and industrial networks.
Visualizes
All Network
Communication
Gain a complete and actionable overview of all network communication, devices, and user behavior
Detects
and Prevents Security Threats Early
Receive immediate alerts of any malware, ransomware, RATs, zero-days, and performance issues
Responds
Automatically to Any Incidents
Leverage powerful automated and manual threat blocking, and incident management technology
Also Valued by Our Customers
Visualize industrial devices and equipment with OT Network Monitoring. Improve workflow performance and discover performance problems using Mendel’s Application and Performance Monitoring feature. Plus, thanks to Asset Inventory, keep all your network assets under control.
Solving
the Everyday Challenges of Your Network Security Team!
GREYCORTEX Mendel helps secure your network, protecting data, reducing risk, and maintaining safety, whenever and wherever you need it.
Why Our Customers Love Us









“With GREYORTEX Mendel we are much more secure, and can do the work of three people, and all in-house. We’re very happy to have it.”
IT Manager

“GREYORTEX Mendel helped us immensely. We have really strengthened our security posture and are very happy with the results.”
IT Operations Manager

“We originally installed GREYORTEX Mendel as a short-team solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years.”
ICT Director

“When it comes to usability, Mendel’s interface was designed to be highly intuitive so that even a beginner could use it effectively.”
System Management Section Chief
Overview
Detecting attacks and other security incidents is essential when protecting your business’s reputation, revenue and sales opportunities. Cybercriminals often hide from traditional security solutions buried within your network traffic, but finding these attacks is an enormous challenge for information security teams.
GREYCORTEX Mendel is a network detection and response tool that visualizes your network communication within all connected devices. It analyses the network traffic and detects malicious activities and advanced threats. It enables your system analysts to investigate operational and security events, to find their root cause, and to respond and mitigate them, quickly and effectively.
Key Benefits
Integrated tool for security management and cooperation
– Prevent breaches and data leaks
– Visualize everything and anything
– Increase the value of your SIEM
– Stop attacks easily
– Monitor IT and OT networks
– Control with ease via intuitive UI
See Everything & Anything
Powerful Auditing Tool
Quickly and easily filter, sort and search months of data history
Easy Root-Cause Analysis
Full network behavior of users, devices, applications, etc.
Fast Threat Hunting
Security and operational events with full network behavior and context
Detect Attacks in Early Stages
Security Breaches
Compromised devices, ransomware, trojans, botnets, data leak attempts etc.
Security Risks and Policy Breaches
Violations of ISO27000, PCI DSS, GDPR, best practices and other internal policies, miscongifurations etc.
Unusual Behavior
Unusual data transfers and user behavior, network and application performance issues etc.
Stop Attacks
Easily
Automated Attack Response
Through integration with other security infrastructure including SIEM, Firewall, NAC, …
Incident Investigation & Forensics
Investigation in months of history takes minutes instead of hours
Incident Management
Government
National and regional institutions face continuous threats coming from state-sponsored or organized cybercrime groups and random attacks. These institutions need to comply with the latest security regulations, however, many suffer from a lack of personnel and financial resources. Forensic analysis is also important for future security policy settings.
With GREYCORTEX Mendel security teams know what is happening inside their networks and can react immediately. Smaller teams can benefit from GREYCORTEX security managed services to secure the uninterrupted operation of their organization. Mendel has been successfully deployed and highly valued by many central and regional authorities, including national security authorities.
“At Hyogo prefecture Government office, we choose the Network Traffic Analyzer Mendel to strengthen our defense in depth security strategy. Furthermore, when considering the current shortage of security resources, Mendel is also an extremely advantageous security solution for companies that don’t have enough security personnel since it can be used effectively even by an unexperienced security manager. Given its cost-performance ratio, I believe Mendel is an extremely impressive security solution.”
Tsugawa Seiji,
System Mgt Section Chief in Kobe Prefecture Planning Dept. of IT Planning Div.
Critical Infrastructure
More and more industrial devices and equipment depend on an Internet connection, and industrial networks form an integral part of IT networks. However, loT devices and cloud services create new security gaps that make critical networks harder to protect. Securing both IT and industrial networks is challenging for the internal team, who now has to ensure the stability and uninterrupted operation of industrial equipment. Therefore, it requires a complex tool that can fit the needs of both networks and be managed by IT and OT specialists. GREYCORTEX Mendel deploys fast and passively, without an influence on network performance, and helps save financial and human resources.
“We originally installed GREYCORTEX Mendel as a short-term solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years. It has helped us secure our network and identify risks much more quickly than we expected. The managed service implementation we are using is very helpful for us because it increases security and keeps costs at a reasonable level.”
Michal Jukl,
ICT Director in Technical Networks Brno
Justice/Legal
Keeping data confidential and maintaining client trust are vital for a successful state justice organization or private law firm. These organizations have become the target of many cybersecurity attacks aiming to steal confidential information to sell on the black market or extort money to restore data. Employees accessing confidential data remotely or using their own devices complicate the work of the IT security team who additionally need to ensure compliance with the latest government regulations. By preventing attacks before they cause damage, the network detection and response tool helps protect client data and maintain the business’s reputation.
“At Kocián, Šolc and Balaštík, we take our clients’ needs very seriously. From the smallest to the largest, all of our clients rely on us to maintain the confidence of the matters in which we represent them. We know that hackers are becoming more and more sophisticated, and that law firms are increasingly targeted. But with GREYCORTEX Mendel implemented in our network, we are able to defend ourselves much more effectively than before, and maintain crucial client confidence and our peace of mind.”
Kocián,
Šolc and Balaštík
Healthcare
Healthcare systems are a huge complex of modern medical equipment and operating systems that helps treat and save people’s lives, making them an ideal target for cybercriminals. The combination of IT, IoT and OT devices means security is a challenge and requires significant financial and staff costs. Plus, many devices use outdated operating systems, often with open access to the Internet, creating a major security risk. Traditional tools struggle to monitor medical or personal devices and cannot detect modern threats like ransomware or hacking. It is vital to have a security solution that provides full visibility of all users, devices and their activities, helping even smaller internal teams identify, analyze and stop attacks.
“We were really surprised by GREYCORTEX Mendel. We thought we would see what happened after the free 30 day trial but ended up choosing it because it allowed our team to solve a huge amount of the issues we had been having immediately, without the expensive and lengthy search for new members of the team.”
CIO,
a medium-sized hospital in the CEE region
GREYCORTEX Mendel 4.0
We have released a new version of GREYCORTEX Mendel
GREYCORTEX Mendel 4.0 brings a new view of security and risks that individual subnets and hosts bring, advanced NetFlow processing and integration with other tools and security platforms.
New Network Inventory Module
Find out at a glance where in the network the problem is located
We’ve created a new view across your data that combines visibility and detection. The first time you open the new Network Inventory module, you’ll see basic information about your network, subnets and hosts, including any associated risks.
You can view your data in a filterable table or a scalable graphical interpretation.


Automated Queries from Other Tools via a New API Extension
Use Mendel as a source of quality security information
In the third extension of Mendel’s API, you can actively retrieve and manage user-defined detected events, IDS and log signatures (including variables), and malicious domains. This especially simplifies the work of larger cybersecurity teams that also use other cybersecurity systems (such as SIEMs) in their work.
Integration with the MISP Threat Intelligence Platform
Get more information about threats from publicly available sources
We bring universal native support for connecting to any MISP feed. Through this, we have laid the foundation for a new Threat Intelligence engine in Mendel that provides support for user integration with large-scale TI resources.


Community ID Support
See the same data easily across cybersecurity tools
In version 4.0, GREYCORTEX introduces the Community ID standard in its flows. This saves the work of security analysts and specialists working with multiple tools and, therefore, multiple cybersecurity datasets.
User-defined Rules for Log Processing
Customize log processing rules for your infrastructure
In addition to automated and preconfigured rules, Mendel 4.0 can receive any logs, evaluate them, process them and create events exactly according to your needs. In particular, internal security teams and secure ICT service providers have enhanced capabilities for accurate threat detection.


Easy User Identification
Save time tracking down users of individual devices on your network
Mendel links user identity information from external logs to detected events. For events, you can immediately see the user information of a given IP address and eliminate the need to trace who used it at a given time.
NetFlow Processing of up to 50 Gbit Traffic
Monitor large-scale networks with NetFlow
Mendel 4.0 can process NetFlow from up to one thousand sources, up to 50 Gbit of original network traffic and can leverage new metrics and application data for processing.

Overview
Detecting attacks and other security incidents is essential when protecting your business’s reputation, revenue and sales opportunities. Cybercriminals often hide from traditional security solutions buried within your network traffic, but finding these attacks is an enormous challenge for information security teams.
GREYCORTEX Mendel is a network detection and response tool that visualizes your network communication within all connected devices. It analyses the network traffic and detects malicious activities and advanced threats. It enables your system analysts to investigate operational and security events, to find their root cause, and to respond and mitigate them, quickly and effectively.
Key Benefits
Integrated tool for security management and cooperation
– Prevent breaches and data leaks
– Visualize everything and anything
– Increase the value of your SIEM
– Stop attacks easily
– Monitor IT and OT networks
– Control with ease via intuitive UI
See Everything & Anything
Powerful Auditing Tool
Quickly and easily filter, sort and search months of data history
Easy Root-Cause Analysis
Full network behavior of users, devices, applications, etc.
Fast Threat Hunting
Security and operational events with full network behavior and context
Detect Attacks in Early Stages
Security Breaches
Compromised devices, ransomware, trojans, botnets, data leak attempts etc.
Security Risks and Policy Breaches
Violations of ISO27000, PCI DSS, GDPR, best practices and other internal policies, miscongifurations etc.
Unusual Behavior
Unusual data transfers and user behavior, network and application performance issues etc.
Stop Attacks
Easily
Automated Attack Response
Through integration with other security infrastructure including SIEM, Firewall, NAC, …
Incident Investigation & Forensics
Investigation in months of history takes minutes instead of hours
Incident Management
Government
National and regional institutions face continuous threats coming from state-sponsored or organized cybercrime groups and random attacks. These institutions need to comply with the latest security regulations, however, many suffer from a lack of personnel and financial resources. Forensic analysis is also important for future security policy settings.
With GREYCORTEX Mendel security teams know what is happening inside their networks and can react immediately. Smaller teams can benefit from GREYCORTEX security managed services to secure the uninterrupted operation of their organization. Mendel has been successfully deployed and highly valued by many central and regional authorities, including national security authorities.
“At Hyogo prefecture Government office, we choose the Network Traffic Analyzer Mendel to strengthen our defense in depth security strategy. Furthermore, when considering the current shortage of security resources, Mendel is also an extremely advantageous security solution for companies that don’t have enough security personnel since it can be used effectively even by an unexperienced security manager. Given its cost-performance ratio, I believe Mendel is an extremely impressive security solution.”
Tsugawa Seiji,
System Mgt Section Chief in Kobe Prefecture Planning Dept. of IT Planning Div.
Critical Infrastructure
More and more industrial devices and equipment depend on an Internet connection, and industrial networks form an integral part of IT networks. However, loT devices and cloud services create new security gaps that make critical networks harder to protect. Securing both IT and industrial networks is challenging for the internal team, who now has to ensure the stability and uninterrupted operation of industrial equipment. Therefore, it requires a complex tool that can fit the needs of both networks and be managed by IT and OT specialists. GREYCORTEX Mendel deploys fast and passively, without an influence on network performance, and helps save financial and human resources.
“We originally installed GREYCORTEX Mendel as a short-term solution following the increased responsibility thrust on us by legislation. But we were really impressed with it and since then we have been using Mendel for the last four years. It has helped us secure our network and identify risks much more quickly than we expected. The managed service implementation we are using is very helpful for us because it increases security and keeps costs at a reasonable level.”
Michal Jukl,
ICT Director in Technical Networks Brno
Justice/Legal
Keeping data confidential and maintaining client trust are vital for a successful state justice organization or private law firm. These organizations have become the target of many cybersecurity attacks aiming to steal confidential information to sell on the black market or extort money to restore data. Employees accessing confidential data remotely or using their own devices complicate the work of the IT security team who additionally need to ensure compliance with the latest government regulations. By preventing attacks before they cause damage, the network detection and response tool helps protect client data and maintain the business’s reputation.
“At Kocián, Šolc and Balaštík, we take our clients’ needs very seriously. From the smallest to the largest, all of our clients rely on us to maintain the confidence of the matters in which we represent them. We know that hackers are becoming more and more sophisticated, and that law firms are increasingly targeted. But with GREYCORTEX Mendel implemented in our network, we are able to defend ourselves much more effectively than before, and maintain crucial client confidence and our peace of mind.”
Kocián,
Šolc and Balaštík