Features / You'll love
Whether you are hunting for a specific breach suspected in your environment or generating a dashboard for a management review, data from individual logs is never sufficient on its own to achieve your goal. Raw data must be supplemented with metadata such as device names, geo-coordinates and users to make sense. In fact, security events generate so much data that there is a risk of overwhelming analysts and limiting their ability to discern key events.
DNIF augments its big data pedigree by enriching ingested data at source, providing the much-needed information context. Contextual information improves the quality of analysis and helps present the conclusions drawn from that analysis effectively.
Organizations can also customize the enrichment capabilities of DNIF to insert specific data points such as application-specific tags (e.g. user records) or data from vulnerability reports.
A significant portion of information security effort goes into monitoring and analysing data about events on servers, networks and other devices. However, most data platforms such as traditional SIEM or PAM tools can only examine packets in a stateless manner and hence provide limited insight.
DNIF, based on a big data platform, can work with real-time data as well as data collected over time, so it can correlate events across time and space. This means the stream of events logged by one device, such as a web server, may be highly significant with respect to events on an end-user device a short time later.
A big-data-based architecture also allows longer-latency archival storage, thus enabling visualization tools such as dashboards and adaptive search applications such as Threat Hunting for specific events and scenarios.
How many times have you found the same pattern of events leading to the same action: an IP found consistently scanning your web server, belonging to a rogue IP range, that just needs to be blocked on your firewall? And how many times have you wished that the tool could do this on its own?
DNIF is an intelligent platform designed to integrate and interact with external and internal workflow handlers to help orchestrate routine security actions. DNIF not only provides a library of actions and the ability to build more, it can also trigger your applications and APIs on correlated events.
Using DNIF’s orchestration capabilities, you can enable messaging to your team (on Slack, for example), have a device auto-configure itself, or create an incident report in your ticketing system (for example, Jira).
Features / Everything
Scale without fear
Bringing new data into your data systems is always a challenge; concerns about capacity, response time and cost are always a pushback to growth. DNIF has solutions that help you scale without fear.
Bringing data into the system is sometimes the most difficult part of the process. DNIF makes it easy to ingest and process active data in real time.
Search is the best!
Finding and refining complex data patterns from your stack isn’t the easiest task. DNIF follows a simple flow-based approach we are all used to.
Acting on critical alerts is usually done by handlers / hunters, and this process needs to be automated. DNIF provides a library of actions and the ability to build more.
Tactical data correlation
Bridge the gap between search, process and actionable insight. DNIF has a clean and functional event correlation workflow you will love.
Big data benefits
Traditional RDBMS or file node systems have struggled to scale with this ever-growing data stack. DNIF is a big data platform that scales, performs and delivers top features.
Service provider friendly
It’s a nightmare (if you are a service provider) to take a platform that was built without you in the picture and turn it into a customer-friendly system. DNIF has amazing architectural benefits for the service provider community.
Integrated workflow, the single pane
Imagine multiple tabs for your branch offices: you are always missing something. DNIF is different; it is able to give you a single console across deployments.
Our data is different, and so are the locations across which it is available. Data systems have to adapt to the need and be able to deliver a consistent result.
Licensing at actuals
Licensing on the maximum aggregate usage every second or every day is never going to be optimal. Every day never looks the same, and inefficient metering only leads to a daily loss.
Connecting the DOTs
We depend on humans to validate, act on and, overall, connect the dots over correlated events. DNIF brings automation to this complex process.
Send actions to custom apps
Your applications are known to function in different silos. Imagine the power they would bring if they could be made to talk and engage on critical intelligence.
Elastic pricing — why not?
Slab-based pricing always bites growing customers with overage and penalties, which is rather unfriendly for customers operating on the subscription model.
Open API and Webhooks
Why be constrained? Collaboration, schematic-free storage and open analytic flow were the core design goals set for the DNIF platform. Come build with us.