The Cognitive SIEM
Elysium’s Cognitive SIEM offers a powerful solution to extract security insights from data sources generated within an organization. We use a purpose-built data architecture that provides a highly-scalable and extensible framework. The product integrates with a wide range of data sources under a single powerful platform to drive deep security insights.
The Elysium Cognitive SIEM:
- Collects device, network, user, and application data stored in an open data model with enrichment
- Applies machine learning algorithms filtering billions of events to identify those requiring attention
- Reduces MTTR by 90% while also providing compliance reporting
- Integrates seamlessly with other security platforms, such as Hortonworks Metron
- Builds a full-stack data lake on Hadoop to capture logs from all sources and overlays an Open Data Model to apply the right data structure for export to analytics
Elysium security analytics handles huge data volumes and variety where incumbent tools (e.g., a traditional SIEM) often struggle, allowing customers to conduct large investigations requiring historical data.
Through integration with Hortonworks Metron, Zoomdata, and PSCC labs, Elysium is also available as a Cybersecurity Turnkey Solution for drop-in functionality and pre-configured operation.
DATA LAKE AND OPEN DATA MODEL
To accommodate the massive volume and vast number of data sources, Elysium’s Cognitive SIEM creates a shared data lake providing value to multiple groups within the organization. This data lake is built on top of the Hadoop stack and feeds our Open Data Model, which examines the data and applies the appropriate structure for interpretation by our advanced analytics. This integrated flow enables upstream analytics and downstream source integrations with full extensibility to integrate with any SIEM, database, file sources and APIs.
This end-to-end solution is available both on-prem and in the cloud with unlimited scale and high availability.
Full-spectrum Machine Learning
Credible results with supervised, semi-supervised and unsupervised machine learning, combined innovatively to link anomalous events to malicious intent
Support for Diverse Data Sources
Security information from the broadest variety of data sources – packets, flows, logs, files, alerts and threat feeds – enhances analysis to deliver comprehensive visibility
Clarity from Multi-dimensional Behavioral Analytics
A comprehensive 360-degree view of risk profiles enables the detection of ongoing attacks, simplifies incident investigation, and empowers analysts through analytics-driven visibility
Integrated Analytics and Forensics
Fully integrated analytics and forensics provide the contextual evidence needed for closure, regardless of how far back in time an investigation must reach
Highly-scalable Data Storage
Petabyte-scale storage platform supports data needs of any size
Real-time Data Ingestion
Real-time ingestion and enrichment of security data sources at millions of events per second
BEHAVIORAL ANALYTICS (UEBA)
Organizational data breaches have become more sophisticated and more frequent, with cybercriminals compromising and exploiting user credentials to gain unauthorized network access.
Organizations continue to struggle with:
- Making use of the massive amounts of data generated within an organization to derive useful insight into malicious activity
- Discovering activity that is abnormal and may indicate a potential internal threat or external breach, without triggering false positives
Leveraging an organization’s existing data, Elysium’s behavior engine creates accurate baseline profiles for each user to define normal behavior. Elysium user and entity behavior analytics (UEBA) technology automatically connects the dots – in real-time – from a user’s activity across multiple accounts and devices. The result is that sophisticated attempts to access data and avoid detection are immediately flagged for review by security incident response teams.