SNYPR™ is a security analytics platform that transforms Big Data into actionable security intelligence. It delivers the proven power of Securonix analytics with the speed, scale, and affordable, long-term storage of Hadoop in a single, out-of-the-box solution.
SNYPR ingests petabytes of data generated in large organizations, processes it and analyzes it in real-time using a combination of user and entity behavior analytics (UEBA), unsupervised Deep Learning, and threat modeling to deliver true predictive threat detection and unprecedented historical investigation capabilities.
What does SNYPR mean for enterprise security?
- A holistic enterprise security analytics platform that marries best-of-breed Big Data and analytics technologies
- Detect the most sophisticated advanced persistent threats and “low and slow” attacks over extended periods of time
- All historical, security-relevant data is available for investigation
What is SNYPR?
SNYPR runs the Securonix technology and all its features natively on Hadoop and uses Hadoop as both its distributed security analytics engine and its long-term data retention engine. As the volume of data to be ingested and analyzed grows, more Hadoop nodes are added, so the solution scales horizontally as needed.
SNYPR comes as a prepackaged bundle that includes the latest Securonix 5.0 technology and the Cloudera Hadoop distribution, or it can be deployed with pre-existing Hadoop clusters (Cloudera, HortonWorks, MapR).
SNYPR User Interface
The SNYPR user interface has been built on the same Securonix user interface framework used by Securonix Enterprise, allowing a user to easily switch from one product to the other without having to re-learn how to use the technology.
Interactive Forensics Investigation
In addition to the Securonix Enterprise feature set, SNYPR introduces SPOTTER, a blazing fast, natural language search engine that gives investigators all the tools needed to investigate today’s threats and track advanced persistent threats over long periods of time, with all data available at all times.
Product Key Features
All the data ingested by SNYPR is normalized, summarized, and enriched at time of ingestion with contextually relevant information such as user, third-party intelligence, and geolocation data.
Distributed Behavior Analytics
Leveraging Hadoop’s distributed and scalable nature, SNYPR performs distributed real-time anomaly detection regardless of the amount of data coming into the platform.
With SPOTTER, the investigators can go back in time and understand who was doing what, when, and why, with all the relevant contextual information needed to be effective.
Fully distributed and scalable architecture for data ingestion, processing, and analytics of petabytes of data with the affordable long-term storage of Hadoop.
All machine data ingested, processed, and analyzed by SNYPR is automatically replicated across Hadoop Distributed File System (HDFS) data nodes to provide fault tolerance.
With the pre-packaged Cloudera OEM version of SNYPR, use Cloudera Manager to manage all your Hadoop components from a single pane of glass.
Securonix builds and continuously updates purpose-built apps based on specific use cases and verticals.
Identity & Access Analytics
Data mining and peer analytics based on data coming from IAM products and automated identification and risk ranking of rogue and high risk access on applications, servers, databases, and mainframe systems for certification and cleanup.
Privileged Account Analytics
Continuous identification and monitoring of privileged accounts for known and unknown misuse and anomalous high-risk behavior using behavior and peer group analysis.
Data Security Analytics
Automatic and proactive identification of data exfiltration risk coming from inside and outside the organization in advance, during, and after an attack.
Continuous monitoring of banking, insurance, and retail transactions to detect suspicious activities such as low and slow transactions and abnormal transaction volume patterns.
Trade Surveillance Analytics
Automated detection and prevention of insider trading and monitoring of suspicious activities such as abnormal trading transactions prior to close of trading.
Cyber Security Analytics
Real-time behavior analytics on security, network, and endpoint events for automated identification of attacks at the device, network and endpoint levels while providing full context monitoring, risk ranking, and link analysis investigations.
Enterprise Application Analytics
Threat and risk monitoring for the organization’s critical business applications and the data they hold.
Cloud Application Analytics
Identification and monitoring of high-risk cloud platforms and applications for inappropriate and high-risk usage for proactive response against data exfiltration and other attacks.