The SMART LogAnalyzer (SLA) will utilize analytic and HDFS cloud storage systems for collection and processing of ingested information (e.g., NetFlow, device logs, alerts). Going to the cloud for storage allows log storage to grow continuously, which enables the software to process new cases in analysis for security purposes. Since cloud storage is built on commodity hardware and is expandable on demand, it reduces the cost to start and grow your data set.
Since SLA provides a log repository from many different systems, it is able to make correlations between logs that were never before available, providing full insight into users’ movement through the network and analysis of systems like never before. Since this repository contains the logs of your entire enterprise, including its weaknesses and attack points, you want to keep it in-house and have full control over the data. You don’t want to unwittingly expose your site by providing the keys to enter. SLA provides the security necessary to guard and protect these key information assets. Our threat analyzer (a component of SLA) provides a mechanism to explore the data sets and use business intelligence techniques to ferret out relationships among them to further identify strengths, weaknesses, and vulnerabilities. SLA provides real-time monitoring, signature alerting, personal profiling, and anomalous activity detection, along with a graphic interface that goes beyond simple graphic indexing with CCG-provided visuals and dashboards.