- Company (that provides the nominated product / solution / service): QEast Software
- Website: http://www.smart-investigator.com
- Company size (employees): 40
- Country: Belgium
- Type of solution: Software
- Approximate number of users worldwide: 500
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
• Smart Investigator breaks the information security silo barrier and makes data actionable. The solution leverages a company’s investment in existing security systems and makes the most out of each system’s capability while laying a governance layer over them and offering one single point of visibility, action, cross-correlation and reports.
• Unified visibility through one single solution for log analytics, intrusion detection, fraud management, SIEM event correlation with network data, business applications, physical security and /or other data feeds (security and/or business).
• Smart Investigator encompasses 15 years of research and innovation in the IT security field, which reflects in its valuable set of technical specifications: NoSQL engine, anomaly detection, advanced event browser, custom report creation and organization, custom alert creation and scheduling, report packs for multiple technologies (Windows, Unix, Syslog, Linux) and an integrated software-hardware package.
In less than 300 words, summarize the most important features and benefits of this product or service
Smart Investigator is a revolutionary, fully scalable, intuitive and easy to use Big Data Security Analytics Platform. It unifies data from all networks and systems and offers real time visibility through intuitive dashboards.
Accurate On-The-Spot Event Identification Starting from One Single Exception Event – the self-learning anomaly detection engine automatically creates access patterns for users, based on an innovative self-learning system.
Advanced Event Search & Filter. Correlation between Billions of Events in Seconds – finding related data based on specific criteria in terms of seconds instead of hours.
User-Defined, Real-Time Alerts – an accurate alerting system, addressing the most specific event requirements and therefore enabling immediate measures.
Context Sensitive Dashboards for Rapid Decision Making among Infinite Data Logs – Data is sliced and organized into multiple categories, to offer an immediate context sensitive overview.
Real-Time / Schedule Based Connectivity to Classical SIEM Systems for Data Feeds – it works in both push/pull scenarios: pulls data from traditional SIEMs and receives data in real time, as the SIEM system sends it.
Complete Investigation Module – an intuitive graphical interface that displays the correlated view of security information in a single dashboard. Audit trees are context sensitive and contain correlated data based on predefined user criteria.
Predefined Scheduled Reports for Compliance and Optimized Internal Effort – the predefined custom reports ensure compliance based on internationally recognized standards and frameworks (ISO 27001, COBIT, FISMA, HIPPA, PCI / DSS, SOX to name a few) while increasing the efficiency of the security team.
• Real-time visibility, enhanced decision making capabilities
• Quick time to value: 1 to 4 hours deployment
• Fast ROI
• Time savings, increased productivity and resources optimization
• Increased proactivity in managing daily risk
• Unlimited horizontal scalability at no extra data-base cost (additional power available in 15 minutes).