Uncover Actionable Intelligence Through Super Enrichment, Search And Visualization
Organizations collect and store massive volumes of data; the challenge is deriving meaningful value from it. SNYPR Security Data Lake® super enriches data with contextual user, asset, geo-location and network intelligence that transforms big data into meaningful security insights with blazing-fast search and elegant visualization.
SNYPR Security Data Lake is powered by Hadoop, a massively scalable, fault-tolerant, open-data platform that ingests hundreds of terabytes per day and supports reliable, economical, long-term data retention. The open data model is key. It provides a single source of data that extends to SNYPR’s packaged use cases: insider threat, cyber threat, fraud and compliance, as well as any other custom use cases or applications the enterprise needs.
The SNYPR Security Data Lake delivers a SMARTER, FASTER and MORE ECONOMICAL way to reveal comprehensive, actionable insights into an organization’s security posture.
- Super enrichment adds identity, asset and geo-location context plus threat intelligence correlation, transforming raw events into meaningful insights that are easy to understand, search and investigate. Data is indexed to provide search and visualization capabilities, enabling investigators to tie dynamic context to data, understand the context of an anomalous event, and take corrective action without time-consuming manual work.
- Delivered with a library of out-of-the-box connectors that integrate with structured and unstructured data sources including traditional network and server log sources, plus a wide selection of additional connectors for enterprise applications, cloud services, identity stores, IAM systems, and non-technical feeds such as badge readers, social media events, travel logs and background checks. More data means more accurate profiling and analysis of entities and events for use cases that are most relevant to today’s advanced insider and cyber threat scenarios.
- Securonix Spotter® provides powerful search capabilities and enables rapid threat hunting using natural-language search. Searches can be visualized by pivoting on any entity to analyze events quickly and efficiently.
- Automated, time-based data distribution and tracking enables a consistent query response time, irrespective of the amount of data indexed.
- Automatically generates elegant visualizations and charts that can be saved as dashboards or exported via standard data formats. Securonix provides a library of built-in visualizations based on type of data source, type of threat and compliance requirements, plus custom dashboards for ad-hoc threat investigation or periodic threat and compliance monitoring.
- Legacy data collection and log management tools create expensive overhead because they typically charge by the byte. SNYPR Security Data Lake delivers incredible cost efficiency through unlimited ingestion and storage.
- Open data model means raw and enriched events are available to any application for analytics, eliminating the need to create multiple data stores and the cost associated with licensing and maintaining them.
- Uses commodity hardware, making it much more cost-efficient than legacy log management products.
How it Works
350+ out-of-the-box connectors integrate with a variety of structured and unstructured data sources, including enterprise applications, identity systems and non-technical data sources such as badge readers and social media that are not supported by typical log management solutions. A REST API with a fully published schema supports bi-directional integration with any target system.
Super enrichment of security data with contextual information at the time of ingestion helps transform raw events into meaningful information that is easy to understand, search and investigate. Contextual enrichment adds user identity, asset metadata, network information, geo-location and threat context to an event.
Search & Visualization
Securonix Spotter® enables blazing-fast hunting using natural language search. Searches can be visualized by pivoting on any entity to develop valuable threat context. Visualized data can be saved as dashboards or exported via standard data formats. The solution has built-in reports and dashboard capabilities to automate compliance reporting.