Requirements for Advanced SIEM

Cyber attacks continue to be successful for many reasons. Sensage detects suspicious events and delivers proactive intelligence through:

Centralized Event Data Management

Centralized Event Data Warehouse eliminates silos with open architecture interfaces for a variety of related technologies: endpoints, network systems, storage, mobile solutions, other SIEMs and call center applications, for example.

Collecting All Sources

Capture any event data with a time stamp.

  • Pull methods (SCP, RCP, (S)FTP, SMB (Windows), LEA, SDEE, DBMS…)
  • Push methods (SYSLOG, SNMP, HTTP(S), (S)FTP…)

Sensage Log Adapter technology captures event data from network devices such as routers and firewalls, and collects log data from operating system, application and database server logs.

Retaining Native Logs

Log data is captured and stored in its source-specific schema to maintain the integrity of the data for future use. Metadata, aggregations and normalized forms do not satisfy forensic and digital-evidence requirements.
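To illustrate why a normalized view alone is not enough for evidence, the added example below (not Sensage code) ingests one constructed syslog line, keeps the raw bytes verbatim with a SHA-256 fingerprint taken at receipt, and derives a lossy normalized record beside it; a field dropped by normalization is still searchable in the raw copy, and any later change to the raw copy is detectable. The record layout and field names are assumptions for the example.

```python
import hashlib
import re

# Constructed sample syslog line (not a real event); BSD-style PRI + timestamp.
RAW_EVENT = (b"<34>Oct 11 22:14:15 fw01 kernel: DROP IN=eth0 "
             b"SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP DPT=22")

SYSLOG_RE = re.compile(rb"^<(\d+)>(\w{3} +\d+ \d\d:\d\d:\d\d) (\S+) (\S+?): (.*)$")


def normalize(raw: bytes) -> dict:
    """Lossy dashboard view: only PRI, host and app survive; the message body is dropped."""
    m = SYSLOG_RE.match(raw)
    if not m:
        return {"parse_error": True}
    pri = int(m.group(1).decode())
    return {
        "facility": pri // 8,
        "severity": pri % 8,
        "host": m.group(3).decode(),
        "app": m.group(4).decode(),
    }


def retain(raw: bytes, received_at: str) -> dict:
    """Evidence record: raw bytes kept unchanged, fingerprinted at ingest, normalized copy alongside."""
    return {
        "received_at": received_at,                      # collector's own clock, ISO 8601
        "raw": raw.decode("utf-8", errors="surrogateescape"),  # lossless for non-UTF-8 bytes
        "sha256": hashlib.sha256(raw).hexdigest(),
        "normalized": normalize(raw),
    }


def verify(record: dict) -> bool:
    """Recompute the fingerprint from the retained raw bytes; False means the raw copy changed."""
    raw = record["raw"].encode("utf-8", errors="surrogateescape")
    return hashlib.sha256(raw).hexdigest() == record["sha256"]


def search(record: dict, needle: str) -> dict:
    """Show which copy can still answer a query for a given token."""
    return {
        "in_raw": needle in record["raw"],
        "in_normalized": needle in str(record["normalized"]),
    }
```

Run with `retain(RAW_EVENT, "2024-01-01T00:00:00Z")`: the normalized copy answers a query for `host` but not for `DPT=22`, while the raw copy answers both and still verifies.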

Delivering Scalable Data Retention

Columnar data storage enables efficient processing of large volumes of data.

Massively Parallel Processing (MPP) provides linear scalability, handling massive volumes of event data that can be stored indefinitely.

Maintaining Open Access

Access data ranging from the last hour to multi-year history without extracting it from archives.

Views and query optimization ensure scalable query performance.

Providing Security Intelligence

Open interfaces (ODBC/JDBC) provide direct access from third-party BI tools or custom applications for flexible analysis, dashboarding and reporting.

Create standardized reports and dashboards that meet compliance requirements such as PCI, FISMA, HIPAA, and SOX.