Securonix Next-Gen SIEM
Additional Info
Company | Securonix |
Website | http://www.securonix.com |
Company size (employees) | 100 to 499 |
Overview
The Securonix Next-Generation SIEM platform transforms big data into actionable security intelligence. Built on a Hadoop big data security lake, SNYPR combines an open data model, log management, security incident and event management (SIEM), user and entity behavior analytics (UEBA), fraud detection and compliance management/reporting into a complete, end-to-end SIEM platform that can be deployed in its entirety or in flexible, modular components.
Securonix Next-Gen SIEM is a complete security collection, threat detection, forensic analysis/threat hunting and incident response platform that puts the SOC security analyst in control of their security management program. Securonix enables customers to detect insider and outsider attacks before it’s too late, transform access management programs into measurable, high-value business initiatives, slash compliance costs related to monitoring and access reviews, and start protecting critical information assets and resources using predictive analytics management techniques.
The Securonix Security Intelligence Platform is a purpose-built advanced security analytics technology that mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment.
How we are different
1) Securonix Next-Gen SIEM differentiates itself through proprietary signature-less detection algorithms that perform real-time analysis of incoming event logs at big data scale. It is purpose-built with advanced behavior analytics capabilities that mine, enrich and analyze data to detect actionable threats. While current technologies focus on limited data collection, retention and compliance reporting, Securonix focuses on analyzing high-volume data for advanced threats, including insider threats.
The specific data science methods include:
- Min-Max Clustering (Unsupervised learning): For machine data and user activity information
- Classification Algorithms (Supervised learning): Classification library and decision science to detect advanced threats such as DGAs, phishing/spam attacks and social threats, including analysis via peer group profiling
- Event rarity: For activities that have not been seen before; also fuzzy correlation, sequential learning and rule-based analysis (signatures)
2) End-to-end big data security analytics architecture. Securonix uniquely leverages the Hadoop/Spark/Kafka Lambda Architecture to optimize batch and stream processing of the massive amounts of corporate machine data generated in the enterprise today. This allows not only infinite scalability, but also highly responsive, real-time enrichment and threat detection capabilities not found in legacy SIEM solutions, or in newer SIEM products that use only partial big data components (e.g. just a Hadoop data store).
3) Automated Incident Response. Securonix Next-Gen SIEM is the only SIEM solution that is tackling the IR side of security management using a combination of in-house R&D and integration partnerships. Securonix SIEM includes a highly capable case management, task assignment, and workflow/approval response framework. In addition, Securonix has developed close bi-directional integrations with Security Automation & Orchestration vendors (Demisto, Phantom) as well as network and endpoint vendors (Palo Alto Networks, McAfee, ServiceNow, Tanium, Symantec, etc.) to enable active threat response, containment and mitigation.