SNYPR™ is a security analytics platform that transforms Big Data into actionable security intelligence. It delivers the proven power of Securonix analytics with the speed, scale, and affordable, long-term storage of Hadoop in a single, out-of-the-box solution.

SNYPR ingests petabytes of data generated in large organizations, processes it and analyzes it in real-time using a combination of user and entity behavior analytics (UEBA), unsupervised Deep Learning, and threat modeling to deliver true predictive threat detection and unprecedented historical investigation capabilities.

What does SNYPR mean for enterprise security?

  • A holistic enterprise security analytics platform that marries best-of-breed Big Data and analytics technologies
  • Detect the most sophisticated advanced persistent threats and “low and slow” attacks over extended periods of time
  • All historical, security-relevant data is available for investigation

What is SNYPR?

SNYPR runs the Securonix technology and all its features natively on Hadoop and uses Hadoop both as its distributed security analytics engine and as its long-term data retention engine. As the volume of data to be ingested and analyzed grows, more Hadoop nodes are added, so the solution scales horizontally as needed.

SNYPR comes as a prepackaged bundle that includes the latest Securonix 5.0 technology and the Cloudera Hadoop distribution, or it can be deployed with pre-existing Hadoop clusters (Cloudera, Hortonworks, MapR).

Product Highlights

SNYPR User Interface

The SNYPR user interface has been built on the same Securonix user interface framework used by Securonix Enterprise, allowing a user to easily switch from one product to the other without having to re-learn how to use the technology.

Interactive Forensics Investigation

In addition to the Securonix Enterprise feature set, SNYPR introduces SPOTTER, a blazing fast, natural language search engine that gives investigators all the tools needed to investigate today’s threats and track advanced persistent threats over long periods of time, with all data available at all times.

Product Key Features

Data Enrichment

All the data ingested by SNYPR is normalized, summarized, and enriched at time of ingestion with contextually relevant information such as user, third-party intelligence, and geolocation data.

Distributed Behavior Analytics

Leveraging Hadoop’s distributed and scalable nature, SNYPR performs distributed real-time anomaly detection regardless of the amount of data coming into the platform.

Historical Investigation

With SPOTTER, the investigators can go back in time and understand who was doing what, when, and why, with all the relevant contextual information needed to be effective.

Scalability

Fully distributed and scalable architecture for data ingestion, processing, and analytics of petabytes of data with the affordable long-term storage of Hadoop.

Data Redundancy

All machine data ingested, processed, and analyzed by SNYPR is automatically replicated across Hadoop Distributed File System (HDFS) data nodes to provide fault tolerance.

Enterprise Management

With the pre-packaged Cloudera OEM version of SNYPR, use Cloudera Manager to manage all your Hadoop components from a single pane of glass.

Securonix Apps

Securonix builds and continuously updates purpose-built apps based on specific use cases and verticals.

Identity & Access Analytics

Data mining and peer analytics based on data coming from IAM products and automated identification and risk ranking of rogue and high risk access on applications, servers, databases, and mainframe systems for certification and cleanup.

Privileged Account Analytics

Continuous identification and monitoring of privileged accounts for known and unknown misuse and anomalous high-risk behavior using behavior and peer group analysis.

Data Security Analytics

Automatic and proactive identification of data exfiltration risk coming from inside and outside the organization in advance, during, and after an attack.

Fraud Analytics

Continuous monitoring of banking, insurance, and retail transactions to detect suspicious activities such as low and slow transactions and abnormal transaction volume patterns.

Trade Surveillance Analytics

Automated detection and prevention of insider trading and monitoring of suspicious activities such as abnormal trading transactions prior to close of trading.

Cyber Security Analytics

Real-time behavior analytics on security, network, and endpoint events for automated identification of attacks at the device, network and endpoint levels while providing full context monitoring, risk ranking, and link analysis investigations.

Enterprise Application Analytics

Threat and risk monitoring for the organization’s critical business applications and the data they hold.

Cloud Application Analytics

Identification and monitoring of high-risk cloud platforms and applications for inappropriate and high-risk usage for proactive response against data exfiltration and other attacks.