ChaosSearch Data Platform Delivers Massively Scalable, Low-Cost Security Log Analysis

Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)ChaosSearch
Company size (employees)10 to 49
Type of solutionSoftware

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

1. Simplify security and slash costs
Unlike other solutions, ChaosSearch makes it extremely easy to retain and quickly analyze unlimited amounts of security event data at a cost that is often 80% less than competitor approaches. Customers can integrate security into their DevOps processes using the same tools and data used for IT ops.

2. Quickly target, action, and neutralize security and DDoS threats
ChaosSearch integrates with popular CDN and security services like Fastly, Cloudflare, AWS CloudFront, Carbon Black, Auth0, and Okta, helping customers understand application usage, traffic patterns, who they are, location of origin, and when and where their website or application has been compromised. ChaosSearch’s built-in alerting enables them to set thresholds to tag and automate response to threats in near real time.

As Stephen Salinas, Engineering Lead at HubSpot says, “ChaosSearch was easy to connect to our source data in AWS, and auto-discovery of our data’s schema allowed us to get started querying data from day one. ChaosSearch now serves as one of our team’s primary monitoring tools for identifying DDoS attacks and protecting our customers from them. The additional data retention also serves to help our security team audit issues over past months to better identify bad actors.”

3. Identify more, faster, including APT
With cost effective, unlimited retention for all sources of security telemetry, you can easily analyze the lifecycle of all threats and their origins. Monitor all IPs, ports, and endpoints that access your organization's systems, as well as inbound traffic sources and patterns. Unlimited data retention makes it easier to fight long tail intrusions including advanced persistent threats.

Brief Overview

ChaosSearch makes it easy for organizations to gain security insights at massive scale and take pre-emptive and corrective action, while achieving the true promise of data lake economics. The ChaosSearch Data Platform connects to and indexes infinite amounts of security log data within a customer’s own cloud storage environment, rendering it fully searchable and available for analysis with existing data tools via open APIs, while saving customers up to 80% in cost compared to competitors.

Customers ingest security event data on their AWS S3, use the familiar ElasticSearch API for queries, and Kibana for log analytics and visualizations. Because it’s delivered as a fully managed service, they don’t need to worry about solution installation, management, security or scale.

It takes less than 5 minutes to get up and running and see results with ChaosSearch. Customers simply 1) click to configure S3 connectivity; 2) click for static, live or real-time data indexing, and 3) click to create an instant virtual view. Whereas all other solutions require complex data pipelines consisting of parsing or schema changes, which is extremely time-consuming and tedious, ChaosSearch’s patented technology indexes all security event data as-is, without transformation, while auto-detecting native schemas.

With this approach ChaosSearch overcomes the cost and complexity of other solutions, and delivers unlimited data retention and scalability, industry-leading resiliency, and tremendous time and cost savings.