- Company (that provides the nominated product / solution / service): Fluency Corporation
- Website: http://www.fluencysecurity.com
- Company size (employees): 10 to 49
- Country: United States
- Type of solution: Hybrid
- Approximate number of users worldwide: 10
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
-- Decision Support: Fluency differs significantly in that it aims to help make a decision. SAO playbooks are designed to integrate into other products. Some SAO products only focus on the playbook, chaining integration from one device to another. Fluency acts as a central log manager and performs analytics on the incoming data to score risk. From this risk, decisions are made in the playbook to implement responses. The focus on decisions is pivotal in preventing the amplification of false positives and over the response to low-risk events.
-- Cloud Enabled: Cloud is not just about running processes on a cloud service. Cloud audit data is different in format and in communication protocols. Many log protocols are UDP, which is a short distance, non-guaranteed protocol. Cloud logs are designed for remote connection and often are bidirectional or require a separate data bucket. Fluency knows how to communicate with the cloud, network devices, and applications to create rich flow data. Fluency can do this on premise or can be hosted in the cloud, where it can create micro services to empower the scalability of cloud architectures.
-- Fusion Creates a Single View: Fluency’s patent on data fusion is a significant advancement in single view technology. A single view means that duplication of information is removed and common information appears in a single record. This record is concise and clear. Most products talk about a pane of glass. This means that the system took many haystacks of data and placed it into one large unorganized haystack. Searches from this haystack approach produce multiple records even when they are talking about the same event. Because single pane is multiple tables and scattered, it’s slow and cannot be performed on large searches. A single view provides a clear understanding desired by analysts and management.
In 2017, the amount of data an organization creates and sees is vastly larger and different compared to just a few years ago – so much so that it has changed how security must be done. No longer can organizations spend their way to being protected by addressing every alert, or continually growing its security operations team. Security must get smart.
Fluency’s patented Security Automation and Orchestration (SAO) solution provides a unique approach to data collection, correlation, fusion and analytics. It enables organizations to make far better security decisions. Better decisions empower better automation. Fluency addresses SAO by focusing on the decision process. Why? Automating bad decisions amplifies them. Fluency focuses on machine learning and analytics over centralized log management. This data-centric approach to SAO means more than just making correct decisions, but positions the decision to have the data needed for a better response.
Fluency’s fusion approach combines application, network administration logs and host information stored at different levels of network protocol and by dispersed services. Fusing this data provides application, users, and host analytics, while also providing the information needed to respond, not just detect an issue. Fluency knows that in today’s networks finding a system by an IP address is sometimes impossible. Fluency solves this and many other response problems.
Fluency can be deployed as a subscription appliance at an organization’s gateway, or as a pure cloud offering. Fluency is capable of absorbing large amounts of flow data, host logs, security logs and network control logs – and then scores each security event, correlates and scopes the related log information. The subscription approach ensures the number of security personnel does not increase due to health and maintenance, as the subscription maintains the health and performs updates of the system in maintenance windows.