Auto Monitor

Implement CyberSight’s comprehensive out-of-the-box auto-monitoring features to provide your core security monitoring service. Then configure the ECS Exporter to export filtered, enriched and transformed data into Elasticsearch for additional threat hunting and response services.

Explore

Investigate and analyse discovered log data by refining queries, either by standard taxonomy or by raw event fields. Search repeatedly for relevant data and metadata in the always-available secure Log Store. Customise your data view to display only the information that you need.

Enrich

Enrich your log data with externally sourced or internally generated asset, threat, geo-location, identity and behaviour analysis data. Query data by person rather than by user account, and by asset or geo-location rather than by IP address or host name.

Visualize

View your data through built-in, comprehensive alerting and operational dashboards, or develop your own visualisations using easy-to-use statistical analysis, graphical and geo-location features.

How CyberSight works

CyberSight provides real-time, complex, experimental search and visualisation capabilities, along with deep-dive forensic investigative features, to give deep visibility into potential threats, attacks and undesirable activity. The Big Data Analytics architecture allows analysts to create, evolve and save almost any kind of search and query of ALM-SIEM collected system and log machine data, for almost any purpose.

CyberSight

Assuria’s Next Generation SIEM Security Big Data Analytics Solution

Statistical Analysis

18/08/2017

Investigate your data using threshold and outlier analysis. Understanding the relative occurrence or frequency of behaviors on your systems gives you more accurate detection of anomalies. By discovering the normal or expected patterns of activity, you can identify exceptions to these patterns based on evidence rather than rule-of-thumb thresholds.

Time Analysis

18/08/2017

Use hierarchical sunburst analysis to explore data over time. Finding time-based patterns of behavior can be complex in large data sets. Using a multi-tier sunburst visualization, you can easily drill down through time periods and hierarchical event attributes, such as users or systems, to identify unusual occurrences or peak periods of activity.

Textual Search

18/08/2017

Search events using free text or regular expressions. You can search for a given user, machine or file name. Narrow your search using event tags/field values, standard true and false values, and standard comparison operators, or search across your complete log store.

Examine

18/08/2017

Examine raw, original or tagged log data and then refine using on-the-fly queries. Save these queries for further analysis or use them to create dashboard widgets or custom reports.

Information At Your Fingertips

18/08/2017

CyberSight’s new analytics allow you to identify the information you need more quickly and efficiently than ever before. New query tools allow you to use simple or complex criteria to view your log data in new and exciting ways.

Force Directed Graphs

18/08/2017

Explore your data connections for suspect patterns. Finding relationships between event attributes uncovers hidden patterns and normal behaviors within event data. By graphically plotting relationships, you can rapidly visualize normal activity and identify unexpected interactions, allowing more focused exception reporting.

CyberSight is Assuria’s new SIEM Big Data Security Analytics solution

Assuria CyberSight is built upon ALM-SIEM, Assuria’s CESG CCTM Accredited Forensic SIEM/Log Management solution, as used by government agencies, major commercial organisations, local government departments and IT service providers worldwide to deliver IT security intelligence and visibility of system activity to the people who need it.

CyberSight enriches log data provided by ALM-SIEM and provides massively scalable and flexible big data analytics functionality, extending the powerful, automated rules-based analytics within ALM-SIEM to give security analysts unlimited access to and insight into log and machine data.