It's not about big data. It's about real-time contextual visibility.
Every enterprise, government agency, and university has plenty of security defense-in-depth. And each security product spews out reams of events, logs, flows, etc. When you hear "...in 86% of the cases where a major breach occurred, the data that could have signaled it was right there, but no one could see it...", ask yourself: Is the problem one of needing more data, or converting the data you already have into actionable information?
Very simply, Click Security reels in network telemetry data, runs it though a unique Stream Processing Engine with hundreds of real-time Click Modules that allow a couple of ground-breaking capabilities.
First, the Real-time Security Analytics (RtSA) platform converts your event 'haystack' to highly correlated, contextual entity-based information. This is why we say "Events don't attack you. Actors do." You can't really act upon events. There are too many of them. Like jigsaw puzzle pieces - viewed independently, they are virtually meaningless. It is only when pieced together within a larger contextual framework that they begin to take on value. We do the heavy lifting of contextualizing all flow, authentication, access, and security event data – as well as other context enrichment data – together for you, building a profile of each entity on your network, what they are up to, and to whom/what else they are communicating.
Second, we run a set of platform analytics right out of the box that will rapidly profile your network, and highly unknown activity that you did not know about. Activity that could get you plenty of publicity, just the wrong kind.
Third, we provide Click Labs-developed applications –complete with investigative module packs and analysis workbooks that provide real-time data interaction and visibility, as well as a mechanism to encode your own security analytics for tightening your organization's security trigger points and policy controls.
