DataSense is built upon ALM-SIEM, Assuria's highly respected forensic cyber security monitoring software solution used by major Government and Commercial users from the UK to Japan. DataSense is a fully packaged and supported COTS solution which can optionally be extended to harvest almost any data from almost any source and to export the transformed and enriched data to almost any accessible external service. Out-of-the-box output formats include ECS, S3 and FTP.
Service Overview
DataSense delivers data streaming services for data driven organisations needing to harvest critical data from a vast array of systems and devices, from almost any location, and to transform, enrich, filter and stream these data to specific processing services. This transfer of data is undertaken at scale, in a secure, forensically sound and automated manner.
Data Harvesting
DataSense can be configured to harvest data from a vast array of IT systems, devices and applications (log sources) out of the box. The service is easily extensible to include additional log sources from a diverse range of environments, including IoT, OT, smart buildings and autonomous vehicles. Even one-off unique systems can quite easily be harvested for log and machine data.
Security and Integrity
DataSense utilises the renowned data integrity features of ALM-SIEM, ensuring that harvested data are securely transferred into the SOC infrastructure and strong data integrity is assured. The original and complete data can be stored in the ALM-SIEM secure store, can be re-processed any number of times and can be archived to very low cost offline store, using the built-in archiving features.
Data Enrichment
Automated data enrichment options include watchlist lookups and matches from a wide range of external threat intelligence feeds, both commercial and open source. In addition, DataSense can be configured to apply selected filtering processes in order to reduce noise, reduce data volumes generally and to increase analyst focus on critical events.
