December 5, 2018 by Chris Jordan
Being a compliant and privacy-oriented central log manager does not mean that Fluency is not robust. In 2015, Fluency was an RSA finalist for the speed and capacity of our database in handling log data. We are now hitting speeds fifty (50) times faster than elastic, and perform pseudonym protection in the database itself.
What makes Fluency a powerful SOC tool is that the data is correlated into document records, then scored at the tuple and source levels. This fusion technique allows for highlighting events of interest and evaluate relationships between events that triggered alerts and those that did not. Fluency is often used in this manner in comparing when tools triggered and what was missed, even when an automated response (SOAR) is in place.