Threat Analytics Solution
The Real-time Integrated Threat Analytics Solution Program enables companies
to build solutions that analyze the historical behavior of systems and
attackers in order to detect, understand and eliminate potential threats
in real time, even those that are coming from multiple sources, across
multiple devices. Logtrust will be promoting solution partners at
industry events throughout 2017.
• Discovering the relationships between bad actors, their methods and their targets
• Understanding the evolution of attack patterns over time
on data being streamed in real-time that may indicate threats
• Real-time Low Code, No Code Advanced Search and Analytics: Continuously ingest multiple log formats, conduct searches and queries on live and historical data via simple point-and-click, and initiate complex event processing, all without complicated coding.
• Storage of Historical Network Sessions and Events: Achieve ultra-fast historical analysis, selectively slice/dice and replay network sessions/events, and visualize the data through force-directed graphs and Sankey diagrams.
• Real-time Network Topology Event Analysis: Uncover live communications occurring with adversaries; hunt for dynamic event data changes in topology; search for both passive and active new event data changes.
• Network Packet Analysis: Conduct real-time monitoring on all ports, protocols, perimeters and internal traffic; detect volume changes for high-value asset data traffic that indicate suspicious activity.
• Pattern Learning and Active Defense: Conduct advanced statistical
operations over time-sliced windows, uncover seasonality in data with
Holt-Winters bands, and set up real-time alerting to counter threats
based on your findings.