Business IT is becoming more diverse and distributed. Legacy SIEM devices have continued to add on to a network model that just does not exist anymore. Businesses now must be able to handle cloud services, mobile devices, and home workers. Not only is there now more data to review and more diverse forms of data, but organizational processes also have to change. Fluency was born in the cloud. With flexible data schemes and a large collection of reports and correlation rules, Fluency does not just provide a solution, it provides the know-how to get things done.
The foundation of any SIEM is data comprehension. X-SIEM™ combines the features of Next-Generation SIEM (NG-SIEM) and Extended Detection and Response (XDR) in a cross-platform framework. Fluency’s technology is built on the concept that disruptive technology can only be successful if it works, doesn’t break stuff, leverages what is already there, and deploys easily.
Our Fluency X-SIEM™ is just that. A cloud-based NG-SIEM, Fluency ingests network logs, endpoint protection, endpoint detection and response, mobile, SD-WAN, and cloud data. It then provides the needed framework to investigate, hunt, and respond to issues. Its automated case management system keeps analysts from being overloaded – creating unmatched levels of efficiency.
Additionally, Fluency's Event Watch engine provides the first phase of clarity by using live Lucene searches to select elements of interest. Streams of data are converted into understandable metrics displayed on customizable reports and dashboards. Each watch node generates histogram data for display and analysis, leveraging Fluency’s list manager to change cryptic codes into understandable language. Lists can also be updated by threat intelligence and used as an alternative to searching live data.
Fluency’s Network Reconstruction creates an image of network activity by reconstructing it from host-based telemetry data found in endpoint detection and response (EDR) products. With deployed EDR, like SentinelOne Complete, there is no change in the architecture and no additional agents to deploy. Fluency listens to the raw data of the agents and determines processes and their associated communications. The result is regained infrastructure visibility, even when there is no corporate network. Now threat reputation and network-user-entity behavioral analytics can be properly done. This removes the latency and network jitter from in-the-cloud proxies and VPN tunnels. It also makes securing remote workers simpler and more effective.
Look at the output. The 'azo.exe' file in this attack appears to the analyst as a file download triggering a high number of network anomalies. This communication was reconstructed from the agent's telemetry data. Fluency related this activity to SentinelOne's quarantined threat. Network visibility is critical to understanding and remediating the threat.
Finally, it's case management done correctly. Your analysts can be protected from overwhelming alerts using Fluency’s workflow engine that keeps analysts focused on what is being addressed and what is new. No other solution offers a truly automated investigation process. Incoming alerts are first compared to existing alerts to prevent being bothered by variations of the same alert. Alert signals interact with the case workflow manager to ensure that incoming alerts are not a simple variant of a known case. Cases are also grouped, providing a previously unavailable higher view. Analysts consistently praise the power of Fluency’s case workflow, as it keeps them informed and focused on actual results. It only makes sense to measure results based on outcomes and not the number of alerts closed.