Big Data, Behavior Analytics, Machine Learning, and Compliance Reporting for Modern Cybersecurity
What does it take for modern enterprises to proactively protect against both known cyber threats, such as malware and insider threats, and the unknowns? How about meeting data retention and compliance requirements? And what about improving personnel efficiency so that your SOC detects threats accurately?
We are excited to announce the general availability of our Cybersecurity Turnkey Solution (CTS), an integrated, drop-in solution from Hortonworks, System Soft Technologies (SST)/Elysium Analytics, and Zoomdata, available on hardware from PSSC Labs.
Built on 100% open source and commercial partner ecosystems, CTS integrates extensive cybersecurity capabilities into a set of pre-built common use cases for active cybersecurity protection to address the demands for efficient detection and reporting. Designed to eliminate the complexity and challenges of setting up functional security operations, CTS enables customers to see fast time-to-production (often within weeks), meet compliance with out-of-the-box frameworks, and accelerate threat detection with advanced analytics and intuitive visualization dashboards.
"Until today, deploying a full stack cybersecurity solution required significant time, money, and expertise. The Cybersecurity Turnkey Solution removes these barriers by tightly integrating open source software and commodity hardware." – Alex Lesser, Chief Strategy Officer, PSSC Labs
Out-of-the-Box NIST, UEBA, ML and Big Data, All in One
The proliferation of unsecured IoT devices has intensified the challenge of safeguarding against an overwhelming number of attack vectors.
"Enterprise security has evolved to where it is a must to have a long-term architecture delivering lasting mission-critical capabilities that can evolve with or ahead of the industry. Cybersecurity Turnkey Solution (CTS) delivers a security data lake solution using Elysium’s open data model with advanced SIEM, machine learning UEBA and compliance, all pre-integrated on a powerful scalable appliance." – Eric Warner, VP of Sales for System Soft Technologies’ Elysium team
To help address the challenge of increasing attack vectors, CTS employs a best-of-breed approach that brings together the strongest technologies of all partners. Example capabilities include:
- User and Entity Behavior Analytics (UEBA) – Powered by Apache Metron and Elysium Analytics’ Cognitive SIEM™, CTS applies machine learning algorithms to yield actionable insights into user and entity activities within the network, so you don’t have to rely on static rules in legacy SIEM systems. The Apache Metron configurable profiler from Hortonworks Cybersecurity Platform captures baseline behavior using efficient algorithms. The Cognitive SIEM analyzes a broad range of user behaviors to detect anomalies against the baseline. Profile retrieval supports time aggregations as well as seasonal trends, offering many options for detecting anomalous behavior. This reduces false positives by up to 90% and gives analysts actionable information about the entities on their network.
- Threat Hunting – Using Hadoop for long-term retention of past data, CTS prepares historical context for informing machine learning or threat hunting. Moreover, interactive security notebooks (based on open source solutions such as Apache Zeppelin and Jupyter) provide insight and action on anomalies within your environment. Each notebook is purpose-built with a self-contained workflow for a specific use case. These are augmented by Zoomdata’s visualization tool for faster data exploration.
- Insider Threat Detection – For any given threat, some users may be compromised without their knowledge while others might be acting deliberately. The CTS Cognitive SIEM keeps a baseline for every user in the organization and calculates each user’s deviation relative to their own history, the rest of their peer group, and the wider community.
- Compliance Reporting – CTS provides pre-built reporting for specific compliance standards including the popular NIST framework for cybersecurity. This pre-tuned set of reports and rules enables quick rollout and provides fast discovery of non-compliant systems through interactive notebooks (playbooks) with adaptive workflows. Elysium Analytics offers delivery, integration and customization services as part of the package.
- Advanced Visualization – Zoomdata provides a modern business intelligence platform for visualization that allows regular business users to visually interact with and analyze high-volume, fast-moving mission-critical data. All data can be visualized and interrogated through live network maps, geographic maps, heat maps, and other charts and tables. Advanced filtering, automatic time bucketing, and custom fields and calculations allow analysts to work independently of IT to contain and resolve threats.
"With this cybersecurity solution, the enterprise can protect assets more efficiently and effectively than ever before." – Russ Cosentino, Co-founder and VP Channels, Zoomdata
- Turnkey Appliance Hardware – All necessary components, including compute, storage, networking, and software, are pretested and integrated in a turnkey appliance that is configured to support 150TB of data, 240 processor cores, and a high-speed network topology. With complete redundancy and turnkey deployment built into the design, the solution enables optimal reliability, simple deployment, and fast time to production.
CTS Benefits Everyone in Your Security Organization
Traditionally, enterprises had to go through lengthy and complicated setup and development efforts to obtain the capabilities in CTS, not to mention a steep learning curve to efficiently maintain, operate, and troubleshoot their environment. In addition, proper configuration and interoperability of different tools can be a challenge for your IT and security operations center. With CTS, we eliminate nearly all of that burden with one drop-in, pretested appliance.
"This is a ‘best-of-show’ market entry. CTS supplies a complete open systems Big Data architecture that protects investments and delivers advanced benefits of UEBA, machine learning, and fast time-to-resolution and low cost of ownership." – Eric Warner
The pre-built, hyperconverged appliance simplifies deployment and management, benefiting your entire security operations organization:
To learn more about how the joint solution can help improve your enterprise security, please contact email@example.com