
Real-Time Collection
Once engaged, we continuously collect all possible network device logs. Typical devices include servers, workstations, firewalls, routers, and switches, but we can also pull data from badge readers, wireless radios, and security cameras.
Applied Pre-Incident
Applied proactively, our engine acquires incident data in real time, which is required for quickly providing the network information needed to understand exactly what occurred and what is occurring.
Post-Incident Application
Applied after an incident, the data can identify subsequent incidents that might be related and provides the details necessary to evaluate a network’s health. Disparate pieces of data, however, yield limited intelligence by themselves and require significant effort to understand in aggregate.
Data Ready for Analysis
The gathered logs must be correlated and analyzed to give our clients the clear intelligence needed to make informed and timely decisions. Correlation, the next step of our process, is needed to make sense of all the collected data.





