Streamline your security investigations with the ability to detect threats in real time, perform efficient multi-step analysis and power your investigations with machine learning and smart automation.

Detect Outliers On The Fly

Perform historical and statistical analysis on multidimensional datasets, enabling security teams to detect trends that previously went unnoticed.

Machine learning-powered analytics

Eliminate guesswork and analyze all your data automatically to reveal hidden insights — in a fraction of the time it would take to do manually.

Threat Intelligence that matters

Let your analysts leverage open-source threat intel feeds to triage more rapidly, reducing MTTRs for known threats.

Effective, intuitive workflows

Build, standardize and automate your standard operating procedures and eliminate uncertainty during threat validation and investigation.

Security Analytics / How It Works

  1. Ingest gigabytes of data from all types of sources, such as applications, the cloud, servers, network devices and sensors.
  2. Extract all relevant information from your logs based on parser configurations.
  3. Enrich the ingested data with threat intelligence, geographic data, custom data fields and more.
  4. Index the enriched data and store it in a database for rapid retrieval at a later time.
  5. Define rules to correlate and analyze existing data, and set up reactive triggers. Use these insights to create interactive dashboards and reports.
  6. Trigger automated responses that integrate with external devices and services.
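The six steps above, worked through end to end as an added Python example (not DNIF's own code): the log lines, the threat-intel feed and the geo table are constructed placeholders, the regex stands in for a parser configuration, an in-memory list stands in for the index, and the correlation rules are a threat-intel match and a windowed failed-login count.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample log lines standing in for step 1 (ingest); not from a real system.
RAW_LOGS = [
    "2024-05-01T10:00:01Z sshd[101]: Failed password for root from 203.0.113.5",
    "2024-05-01T10:00:12Z sshd[102]: Failed password for root from 203.0.113.5",
    "2024-05-01T10:00:25Z sshd[103]: Failed password for admin from 203.0.113.5",
    "2024-05-01T10:05:00Z sshd[104]: Accepted password for alice from 198.51.100.7",
    "2024-05-01T10:06:00Z sshd[105]: Accepted password for bob from 192.0.2.9",
]
THREAT_INTEL = {"198.51.100.7": "known-scanner"}  # constructed placeholder feed
GEO = {"203.0.113.5": "ZZ", "198.51.100.7": "ZZ"}  # constructed placeholder geo table
LINE_RE = re.compile(r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password "
                     r"for (?P<user>\S+) from (?P<src>\S+)$")

def parse(line):
    """Step 2: extract fields; lines the parser does not understand are dropped."""
    m = LINE_RE.match(line)
    if m:
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        return ev

def enrich(ev):
    """Step 3: attach geo and threat-intel context to the parsed event."""
    ev["geo"] = GEO.get(ev["src"], "unknown")
    ev["ti_tag"] = THREAT_INTEL.get(ev["src"])
    return ev

def correlate(events, threshold=3, window=timedelta(seconds=60)):
    """Step 5: a reactive trigger (intel hit) and a windowed count rule over the index."""
    alerts, failed = [], defaultdict(list)
    for ev in events:
        if ev["ti_tag"]:
            alerts.append({"rule": "threat-intel-match", "src": ev["src"]})
        if ev["outcome"] == "Failed":
            failed[ev["src"]].append(ev["ts"])
    for src, times in failed.items():
        times.sort()  # `threshold` failures inside one sliding window -> brute-force alert
        if any(times[i + threshold - 1] - times[i] <= window
               for i in range(len(times) - threshold + 1)):
            alerts.append({"rule": "ssh-brute-force", "src": src})
    return alerts

def run_pipeline(lines):
    """Steps 2-6: the list is the index (step 4); each alert becomes a response (step 6)."""
    index = [enrich(ev) for ev in map(parse, lines) if ev]
    return [{"action": "block_ip", "target": a["src"], "reason": a["rule"]}
            for a in correlate(index)]
```

Running `run_pipeline(RAW_LOGS)` yields two response actions, one per rule hit, while the benign login from 192.0.2.9 produces nothing.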

Security Analytics / Why DNIF

Open architecture

Unify data from disparate data sources within your organization to get a complete picture of your business, and use APIs to orchestrate across technology stacks with easy-to-integrate plugins.

Modern, hassle-free platform

Ingest data from a variety of log sources without the hassles of schema constraints. Spot trends beyond the limitations of pre-defined rules.


Context-driven investigation

Empower your analysts to understand not only what is happening, but also why. Reveal the entities involved with automated contextualization.


Playbooks with flexible automation

Save countless hours spent on manual threat validation with machine learning models that automatically uncover hidden insights, so you can turn your attention to productive problem-solving.

Outlier detection made easy

Identify outliers based on historical profiles and statistical analysis on multidimensional datasets to reveal cases you never noticed before.



Security analytics and response orchestration

Orchestrate actions across your technology stack to cut wait times, and automate low-level tasks to increase productivity and reduce MTTRs.


Detect and remediate 30x faster with these easy-to-use automation playbooks

Security Analytics / Top Benefits

Automates the proactive threat hunting process

An automated approach to data enrichment, threat validation and response enables security teams to focus on critical threats.

Detects anomalous behavior quickly

ML-powered analytics help identify threats and scenarios that previously went unnoticed by identifying outliers and performing time-based aggregation.

Allows for richer visualization with context-driven analytics

Connect the dots faster with context-driven investigations featuring an intuitive threat storyline, helping analysts discover the what, why and how of an incident.

Identifies trends based on historical analysis

Heuristics allow analysts to identify trends based on user and device behavior. Trend analysis helps teams discover insights that an untrained eye would otherwise miss.


Security Analytics / Key Features

With security analytics, you can identify anomalies, validate events and incidents based on rule sets, determine threat levels, and create a threat perception.

Scalability

Bringing new data into your data systems can be challenging when it comes to integration, cost and capacity planning. An open architecture without schema limitations helps you scale without fear.

Interoperability

Applications traditionally function independently of each other. Imagine how aggregating data from all your applications in a single, centralized database could benefit your security strategy.


Threat hunting and visualization

Contextual threat storylines with visual analysis capabilities help teams expedite incident investigation and response.


Footprint and time-to-value

The risks involved are immense if your response times are long: the longer an attack goes undetected, the more damage it can cause.




Security Analytics / FAQ

Combining real-time and historical analysis with external threat intelligence sources that provide current information about the latest vulnerabilities can greatly facilitate attack identification. Having a large amount of historical data at hand also significantly simplifies initial calibration, that is, establishing the normal patterns of activity of a given device or user, which are then used to identify anomalies. Existing solutions are already capable of automated calibration with very little input required.

DNIF provides multiple automated workflows both to detect threats and to respond to detected threats. These workflows can automate such actions as disrupting clearly identified malware attacks and submitting a suspicious event to a managed security service for further analysis. One can always trigger playbooks — sets of checks to be executed — to automate threat detection and validation.

DNIF comes with out-of-the-box integration plugins for data enrichment, threat validation and response. A comprehensive list can be found here.

Streaming analytics complement traditional analytics by adding real-time insights, which may be key for organisations where response time is critical, cybersecurity being one such field. In some circumstances, streaming analytics facilitate better business decisions by focusing on live data.

Traditional approaches rely on batch processing, where data is scored in data warehouses that may process new data hourly, daily or even weekly. These approaches are inherently reactive because they focus on aging information, which means businesses can only react to past events or conditions.

Data that seems insignificant at a glance might prove useful in the future or gain significance during heuristic analysis. While uncertainty can’t be eliminated entirely, big data, when used correctly, can reduce it. Unstructured or semi-structured data can easily be ingested in DNIF, as there are no schema limitations. You can use this data to solve problems that would once have been vexing.


Security Automation / What Our Customers Say

“DNIF’s Big Data architecture has greatly helped us in gaining visibility at the application level. Integrating SWIFT with DNIF ensured that we were able to meet RBI’s compliance requirements.”

Vinay Tiwari, CISO

RBLBANK-DNIF

“DNIF is re-inventing the SIEM space with its innovative approach of a single unified platform with unlimited scalability that combines advanced analytics, machine learning, threat intelligence and orchestration.”

Sangram Gayal, Partner

PWC-DNIF

“We liked the way DNIF goes beyond traditional tools and validates threats before bringing them to the table. The integration framework is unique and very useful in a large enterprise setup like ours.”

Nitin Chauhan, CTO

RBLBANK-DNIF

“DNIF brings out the real essence of big data to security analytics; this platform can ensure branch offices process their data on prem while having a central hunting / monitoring team respond and resolve threats across the enterprise.”

Prashant Maldikar, Head IT Sec

IndusIndBank-DNIF

Security Analytics / Related Blogs

March 18, 2019

Top takeaways from our first DNIFKonnect meetup

Attacks can be difficult to detect, particularly if they’re carried out using different approaches each time. Learn about different attacks and how to detect from...

March 12, 2019

Getting started with threat hunting

Threat hunting is a popular buzzword these days in cybersecurity, but how do you actually get started with threat hunting? In this blog we talk...

March 08, 2019

What is threat hunting, and why is it important?

The notion of “threat hunting” has become quite popular recently, but for many, the term is still shrouded in a sort of fog. In this...