Securonix Security Analytics Platform: Next-Generation SIEM, Simplified


DATASHEET

Securonix Security Analytics Platform


Next-Generation SIEM, Simplified

The cybersecurity landscape is getting more complex. Hackers continue to innovate; business technologies generate increasing amounts of data; and obsolete perimeter defenses struggle with modern insider and cyber threats. Built on big data, Securonix Security Analytics Platform combines log management, security incident and event management (SIEM), and user and entity behavior analytics (UEBA) into a complete, end-to-end platform that can be deployed in its entirety or in flexible, modular components. It collects massive volumes of data in real time, uses patented machine learning algorithms to detect advanced threats, and provides actionable security intelligence for quick response.

Collect, Detect, and Respond to Advanced Threats

[Figure: Collect, detect, and respond pipeline. Data feeds (Network, Cloud, DLP, Proxy, Servers, Endpoints, Identity, Apps, Threat Intel, Unstructured Data) flow into Real-Time Enrichment (Connector Framework, Content Enrichment), then Threat Chains & Risk Scoring (Machine Learning; Insider Threat, Cyber Threat, Fraud, Cloud Security), then Incident Response (Automated Playbooks, Case Management). Investigate: Search & Threat Hunting, Link Analysis, Dashboard & Reports.]

Collect
Securonix Security Analytics Platform collects massive volumes of data, enriching raw events in real time with meaningful identity, asset, network, geo-location, and threat intelligence context. Connectors support a variety of data sources, including cloud sources and non-technical data sources (such as badge readers and social media) that are not usually supported by log management solutions.

Detect
Unlike legacy SIEM solutions that rely on signatures, Securonix Security Analytics Platform applies sophisticated machine learning algorithms and threat chain modeling to event data in real time to accurately detect advanced and insider threats. Every alert is automatically ranked so analysts can prioritize their response.

Respond
Comprehensive incident management workflow capabilities and an automated incident response framework enable you to automate remediation actions on select threats. Seamless API integration with third-party solutions, including security orchestration, identity management, endpoint detection and response, and network access control systems, allows for a coordinated response.

Product Features

Avoid Vendor Lock-In with an Open Data Model
Unlike legacy security solutions, your data is not locked into a proprietary database. An open data format lets you use, share, and manage your own data. This means you can maintain a single copy of data and make it available to other applications.

Contextual Awareness Gives You the Big Picture
Securonix Security Analytics Platform enriches security data with contextual information at the time it is ingested. Contextual enrichment adds user identity, asset metadata, network information, geo-location, and threat context to an event. This transforms raw events into meaningful information that is easy to understand, search, and investigate.

Secure, Reliable Long-term Data Storage
Enriched events are stored in a Hadoop distributed file system (HDFS) and can be used for long-term analysis, search, and reporting. Raw events are also maintained in HDFS for legal and compliance purposes. Securonix Security Analytics Platform supports transparent disk encryption for security and privacy reasons. It also supports the archival of data to external storage as needed. The data in HDFS is accessible to any external applications as needed.

Advanced Analytics Find Events with Minimal Noise
[Figure: Advanced analytics components. Panel titles: Patented Machine Learning; Packaged Content Applications; Threat Research. Labels shown: Behavior Analysis, Peer Group Analysis, Robotic Behavior, Algorithm Generated Domain, Event Rarity, Threat Chains, Rules Engine, Insider Threat, Fraud, Cyber Threat, Cloud Security, Data Science, Use Case Content.]
Securonix Security Analytics Platform detects threats using a combination of patented machine learning and statistical analytic models. Using threat chains, it stitches together a chain of events over time in order to surface the highest-risk events.

Clear Visibility into Your Cloud
Extend your security monitoring to your cloud environment. Securonix Security Analytics Platform has built-in APIs for all major cloud infrastructure and application technologies. This allows you to analyze user entitlements and events to look for malicious activity. Correlate cloud data and on-premises data to analyze end-to-end activities and detect actionable threat patterns.

Straightforward Threat Hunting
Securonix Spotter enables blazing-fast threat hunting using natural language search. Searching for threat actors or indicators of compromise (IOC) is simplified with visual pivoting available on any entity in order to develop valuable threat context. Visualized data can be saved as dashboards or exported in standard data formats.

Built-In Applications
Out-of-the-box content in the form of packaged applications enables rapid deployment and quick time to value. Applications include threat models and built-in connectors that are specially designed for insider threat, cyber threat, fraud, and cloud security use cases. Elegant visualizations allow you to view the threats in context and take intuitive, easy-click actions to mitigate.

Discover the Securonix Threat Library
The Securonix Threat Library is a collection of threat models created by the Securonix cyber research team in collaboration with customers, partners, and national security leaders. The library enables you to access, download, and deploy threat models with a single click.

Faster Investigations & Automated Incident Response
The Securonix Investigation Workbench allows you to rapidly investigate incidents by pivoting on anomalous entities and tracing associated activities and events. Comprehensive incident management and workflow capabilities allow multiple teams to collaborate on an investigation. Incident response frameworks enable you to automate remediation actions on select threats.

Simplify Your Compliance Efforts
Securonix Security Analytics Platform simplifies your compliance process by allowing you to consolidate multiple different control sets while still allowing for specific compliance use cases such as anti-money laundering, trade surveillance, and internal and external fraud. Advanced analytics allow you to easily detect access violations; analyze rogue, orphaned, or terminated accounts; drive user self-service access reviews; and support risk-based access reviews.

Convenient Cloud-Based SaaS
With Securonix Cloud you can enjoy all the capabilities of Securonix Security Analytics Platform, with the convenience of a software-as-a-service (SaaS) solution. It provides security that spans across your cloud infrastructure, data, applications, and access control solutions. Benefit from the quick deployment, easy scalability, and shorter time to value of Securonix Cloud.

For more information about Securonix Cloud visit www.securonix.com/securonix-cloud/
For more information about Securonix Security Analytics Platform visit www.securonix.com/security-analytics-platform/
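To make the contextual enrichment and threat chain ideas described above concrete, here is an added illustration in Python. It is not Securonix code and does not describe its actual models; the context tables, the three-stage chain and its weights, the one-hour window, and the sample events are all constructed for the example.

```python
# Added illustration of enrich-at-ingest plus threat-chain risk scoring.
# Not Securonix code: every table, event, stage and weight here is constructed.
from collections import defaultdict

# Constructed context tables standing in for identity, asset, geo and threat-intel feeds.
IDENTITY = {"jdoe": {"dept": "finance", "status": "terminated"},
            "asmith": {"dept": "engineering", "status": "active"}}
ASSETS = {"10.0.5.20": {"host": "fin-share-01", "criticality": "high"},
          "10.0.8.14": {"host": "dev-laptop-22", "criticality": "low"}}
GEO = {"10.0.": "HQ", "198.51.100.": "external"}          # prefix -> location label
THREAT_INTEL = {"198.51.100.77": "known-bad-ip"}          # constructed indicator

def enrich(event):
    """Attach identity, asset, geo-location and threat-intel context to a raw event."""
    e = dict(event)
    e["user_ctx"] = IDENTITY.get(e["user"], {"dept": "unknown", "status": "unknown"})
    e["asset_ctx"] = ASSETS.get(e["dst_ip"], {"host": "unknown", "criticality": "unknown"})
    e["src_geo"] = next((g for p, g in GEO.items() if e["src_ip"].startswith(p)), "unknown")
    e["ti_match"] = THREAT_INTEL.get(e["src_ip"]) or THREAT_INTEL.get(e["dst_ip"])
    return e

# A threat chain: ordered stages (name, predicate on the enriched event, risk weight).
# Stages must be met in order; a stage met without its predecessor adds no risk.
EXFIL_CHAIN = [
    ("terminated_account_login", lambda e: e["action"] == "login" and e["user_ctx"]["status"] == "terminated", 30),
    ("access_high_value_asset", lambda e: e["action"] == "file_read" and e["asset_ctx"]["criticality"] == "high", 25),
    ("upload_to_bad_ip", lambda e: e["action"] == "upload" and e["ti_match"] is not None, 45),
]

def score_chains(events, chain=EXFIL_CHAIN, window=3600):
    """Stitch events per user over time; risk accumulates as consecutive stages match."""
    scores, stage = defaultdict(int), {}
    for e in sorted((enrich(ev) for ev in events), key=lambda x: x["ts"]):
        u = e["user"]
        idx, last_ts = stage.get(u, (0, e["ts"]))
        if e["ts"] - last_ts > window:      # window expired: chain restarts at stage 0
            idx = 0
        if idx < len(chain) and chain[idx][1](e):
            scores[u] += chain[idx][2]
            stage[u] = (idx + 1, e["ts"])
    return sorted(scores.items(), key=lambda kv: -kv[1])   # highest risk first

# Constructed sample events (ts = epoch seconds). jdoe walks the whole chain; asmith
# touches the high-value asset but never completed stage 0, so accrues no risk.
EVENTS = [
    {"ts": 1000, "user": "jdoe", "action": "login", "src_ip": "198.51.100.77", "dst_ip": "10.0.5.20"},
    {"ts": 1300, "user": "jdoe", "action": "file_read", "src_ip": "10.0.8.14", "dst_ip": "10.0.5.20"},
    {"ts": 1900, "user": "jdoe", "action": "upload", "src_ip": "10.0.8.14", "dst_ip": "198.51.100.77"},
    {"ts": 1100, "user": "asmith", "action": "login", "src_ip": "10.0.8.14", "dst_ip": "10.0.5.20"},
    {"ts": 1400, "user": "asmith", "action": "file_read", "src_ip": "10.0.8.14", "dst_ip": "10.0.5.20"},
]

if __name__ == "__main__":
    print(score_chains(EVENTS))
```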

www.securonix.com +1 (310) 641-1000
14665 Midway Rd. Suite #100, Addison, TX 75001 | ©2018 Securonix 0718