Product
Proven Security Data Pipeline Management. Sovereign assured data flow for critical systems, SIEM cost reduction, and data cleansing.
The complexity, variety, volume and importance of security data is ever increasing, and organisations need to efficiently collect, store and manage this mass of data in order to gain essential insight into sensitive activity and potential threats.
Normalising ever more diverse data types into a meaningful and useful form is a complex challenge. Achieving this at pace, in volume and without compromising forensic integrity is a key requirement. Data Pipeline Management (DPM) technologies decouple this huge data management task from downstream analytics in order to provide far greater integrity, efficiency and deployment flexibility, as well as greatly reduced costs. DPM solutions also remove vendor lock-in, cloud dependencies and other limitations.
Assuria DataSense delivers DPM services for organisations needing to harvest critical data from a vast array of systems and devices, from almost any location, and to store in original form, normalise, enrich, filter, transform and then route these processed data to specific analytics and investigation services. This transfer of data is undertaken at scale, in a secure, automated, and forensically reliable way.
In environments where sovereignty and national security are key considerations, DataSense can also be deployed in dedicated private environments, unlike most DPM solutions, which are generally cloud tethered.
DataSense can be configured to harvest data from a vast array of IT systems, devices and applications out of the box. The service is easily extensible to include additional log sources from a diverse range of environments, including IoT, OT, and ICS systems and even one-off, unique systems.
DataSense supports regulatory needs such as GDPR and national cybersecurity mandates and has proven data integrity features built-in. Harvested data (and essential meta data) are stored in the ALM-SIEM store in original and complete form and can be accessed and processed repeatedly.
Using the built-in soft Taxonomy and Rendering features within DataSense, automated data normalisation allows almost any kind of data to be classified and normalised into suitable form for processing through the appropriate pipelines.
DataSense can be configured to automatically apply selected filtering processes to collected data in order to reduce noise, reduce data volumes and SIEM data ingest costs, and increase observability and security analyst focus on critical events.
Data normalisation and enrichment options include watchlist lookups and matches from a wide range of external threat intelligence feeds. Most standard format TI feeds can be ingested.
Harvested data can also be enriched using custom enrichment data and threat intelligence feeds. This includes user-defined threat data, such as context, location, asset type, value and risk score, thereby customising the service to meet specific client requirements.
Security data can contain sensitive and PII data, creating major security and GDPR risks. DataSense built-in PII redaction ensures compliance with data protection laws and harvested data can be effectively cleansed, reduced and filtered prior to onward routing.
For full product videos and additional information, visit the dedicated DataSense site.