Kx FOR CYBERSECURITY - A NEW APPROACH

Most cybersecurity solutions ignore the human element, focusing solely on reporting and alerting. In contrast, Kx technology enables and augments the human data analyst, extending automated analysis tools with deep and immersive data exploration capabilities engineered to handle the volume, velocity, and variety of today's Big Data environment.

The few SIEM solutions that can handle the volumes and complexities come at a heavy cost in terms of hardware, software, and maintenance. Enterprises need alternative Big Data security solutions that are robust and reliable while offering flexibility and scalability, as well as a low total cost of ownership. Kx technology, leveraging kdb+’s simplicity, performance, and scalability, can be configured to meet any cybersecurity need and can be deployed on-premises or in the cloud.


WHY USE Kx FOR CYBERSECURITY?

  • Ingest, aggregate, and correlate network data at scale
  • Parse and augment traffic data and ingest via feed handlers
  • Create and embed session metadata to accelerate alerting and analysis
  • Store and query data from real-time or historical databases
  • Perform blazingly fast, near real-time queries (e.g. billion record queries in milliseconds)
  • Visualize network traffic in real-time to identify high-risk threats
  • Includes a state-of-the-art interactive development environment (IDE) to write, debug, test, version, and deploy complete cyber software solutions


AD-HOC DATA EXPLORATION & VISUALIZATION

The platform's Collaborative Analysis Environment gives the entire team access to your data. Using the environment, cyber analysts can execute real-time queries against any aspect of their network; perform complex ETL operations; import and export from a wide range of data formats; visualize massive datasets in seconds; build scripts to perform complex real-time computations; develop custom visualizations, and integrate any of these explorations into any existing dashboard.

And since all of their explorations can be shared via the environment's version-controlled repository, analysts can take a team-based approach to problem-solving.


NETWORK THREAT DETECTION

The solution is ideally suited for ingesting and analyzing traffic data in real-time as well as drawing from historical databases to identify and detect threat-related anomalies and patterns.

The open nature of the platform allows you to integrate and leverage 'best-in-breed', third-party predictive, machine learning, behavioral, or anomaly detection libraries to build classification and prediction systems. Using these capabilities analysts can identify and isolate patterns of interest in near real-time.

The same capabilities enable specialists to iterate through the data, build adaptive models, and provide quick visual analysis tools to cybersecurity analysts, allowing them to track hundreds of millions of events each day.


NETWORK PERFORMANCE ANALYSIS

The solution's built-in database and dashboards give you immediate access to a wide range of performance data such as files accessed, services accessed, web categories, ports, events, bandwidth usage per user, threats by category, processes, and more.

In addition, the high-performance query language (q-sql) allows you to perform real-time queries on all of the data inside your system. Users can easily create custom reporting dashboards focusing on the data and metrics that matter to them most.
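As an added illustration of the queries described here and in the Network Threat Detection section (example code written for this page, not Kx's own product code), the following q script builds a small constructed flow table and runs qSQL over it: bandwidth per user, connections per destination port, a simple "one source touching many ports on one host" scan check, and a left join against a constructed indicator table that stands in for indicators ingested from a STIX feed. Table and column names, the threshold, and every address are assumptions.

```q
/ Constructed flow records (example data, not from the page): one row per connection
conns:([]
  time:2024.01.01D00:00:00+0D00:00:01*til 12;
  src:`10.0.0.5`10.0.0.5`10.0.0.5`10.0.0.5`10.0.0.5`10.0.0.5`10.0.0.7`10.0.0.7`10.0.0.9`10.0.0.9`10.0.0.7`10.0.0.9;
  dst:`10.0.1.20`10.0.1.20`10.0.1.20`10.0.1.20`10.0.1.20`10.0.1.20`10.0.1.21`10.0.1.21`10.0.1.21`10.0.1.22`10.0.1.22`10.0.1.22;
  dport:22 23 25 80 443 8080 443 443 443 80 80 80i;
  user:`alice`alice`alice`alice`alice`alice`bob`bob`carol`carol`bob`carol;
  bytes:120 130 110 140 150 160 50000 70000 1000 2000 60000 3000)

/ Bandwidth per user, busiest first (the "bandwidth usage per user" view)
bytesByUser:{[t] `bytes xdesc 0!select bytes:sum bytes,conns:count i by user from t}

/ Connections per destination port, most common first
byPort:{[t] `n xdesc 0!select n:count i by dport from t}

/ Sources that touched at least th distinct ports on a single destination host
/ (a crude scan indicator; th is an assumed threshold)
portScan:{[t;th] select from (select ports:count distinct dport by src,dst from t) where ports>=th}

/ Constructed indicator table keyed on destination IP, standing in for
/ indicators ingested from a STIX feed (labels and severities are made up)
ioc:([dst:`10.0.1.22`198.51.100.9] label:`c2`scanner; severity:`high`medium)

/ Left-join the indicators onto the flows and keep only the rows that matched
iocHits:{[t;i] select time,src,dst,dport,label,severity from (t lj i) where not null label}

show bytesByUser conns
show byPort conns
show portScan[conns;5]     / 10.0.0.5 hit 6 distinct ports on 10.0.1.20
show iocHits[conns;ioc]    / the three flows to 10.0.1.22 carry the c2 label
```

The scan check is deliberately naive: a real deployment would window the aggregation (for example `by src,dst,1 xbar time.minute`) so that a host slowly crawling ports over a day does not hide in a daily total, and the indicator join would be against a table refreshed by the feed handler rather than a literal.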


THIRD-PARTY HARDWARE & SOFTWARE INTEGRATION

Integrate with existing anti-virus/anti-malware, anti-DoS/DDoS, security information and event management (SIEM) systems, and data stores:

  • Support for STIX threat intelligence ingestion
  • Support for real-time, ad-hoc, Big Data exploration and analysis, including:
    • extract, transform, and load (ETL)
    • import/export from a wide range of data sources (including CSV, ODBC, JSON, standard log formats, HDFS)
  • Interface with open-source and commercial predictive analytics, machine learning, behavioral, and anomaly detection libraries

LOG ANALYSIS

Harvest, aggregate, alert, and report on log data at scale:

  • Leverage kdb+ to execute high-performance Big Data queries against structured data
  • Use the built-in natural language processing support to query unstructured data
  • Combine these approaches to simplify the task of identifying coordinated multi-level attacks
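As an added example of the structured log query this list describes (written for this page, not Kx's own code), the q script below tokenises a handful of constructed sshd lines into a kdb+ table and then uses qSQL to find the multi-step pattern that matters more than any single failed login: a source with several failures followed by a success. The log format, field positions, threshold, and addresses are assumptions.

```q
/ Constructed sshd log lines (example data, not from the page)
lines:(
  "2024-01-01T00:00:01 sshd[1001]: Failed password for root from 203.0.113.5 port 51000 ssh2";
  "2024-01-01T00:00:03 sshd[1002]: Failed password for root from 203.0.113.5 port 51001 ssh2";
  "2024-01-01T00:00:05 sshd[1003]: Failed password for admin from 203.0.113.5 port 51002 ssh2";
  "2024-01-01T00:00:07 sshd[1004]: Failed password for admin from 198.51.100.9 port 40000 ssh2";
  "2024-01-01T00:00:09 sshd[1005]: Failed password for alice from 203.0.113.5 port 51003 ssh2";
  "2024-01-01T00:00:12 sshd[1006]: Accepted password for alice from 203.0.113.5 port 51004 ssh2";
  "2024-01-01T00:00:15 sshd[1007]: Accepted password for bob from 192.0.2.44 port 60000 ssh2")

/ Split one line on spaces and pick the fields by position and by the
/ "for"/"from" anchor words; assumes the fixed layout used above
/ ("invalid user" lines would need an extra case)
parseLine:{[l]
  t:" " vs l;
  `time`outcome`user`src!("P"$t 0;`$t 2;`$t 1+t?"for";`$t 1+t?"from")}

/ A list of conforming dictionaries is a table in q
ev:parseLine each lines

/ Failed logins per source: the usual first-pass report
failsBySrc:{[e] `fails xdesc 0!select fails:count i by src from e where outcome=`Failed}

/ Sources with at least th failures whose first success came after the last
/ failure; a missing success joins as a null timestamp and fails the comparison
bruteForce:{[e;th]
  f:select fails:count i,lastFail:max time by src from e where outcome=`Failed;
  s:select firstOk:min time by src from e where outcome=`Accepted;
  select from (f lj s) where fails>=th,firstOk>lastFail}

show failsBySrc ev          / 203.0.113.5 has 4 failures, 198.51.100.9 has 1
show bruteForce[ev;3]       / only 203.0.113.5: 4 failures, then a success at 00:00:12
```

The same join pattern extends to the "coordinated multi-level" case by adding further keyed tables per stage (for example a port-scan table from flow data keyed on the same source address) and requiring the stages to occur in order.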

The kdb+ time-series database, at the core of Kx Technology, is renowned for its computational speed and performance, as well as the simplicity of its architecture for large-scale data analytics.

Talk to us today
+44 (0) 28 30258826
