Dynamic Workbooks: The Analyst's Palette
Workbooks provide the “play with the data” environment that enables analysts to interact with data, analytics, and visualization techniques in real-time. Imagine millions of events, alerts, logs and flows neatly organized into a dynamically-updating spreadsheet – where you can instantly pivot rows and columns of data into multiple visual lenses, filter it, prune it, create new sub-views that update right along side the master view (portlets), etc.
What if the data consists of virtual tables with each new event entering right before your eyes, as you work? What if you could bring in additional contextual data – we call it augmentation data – such as user data, geo-location data, DNS data, blacklist IP address data, and more? What if you could not only pivot that data, but also instantly sort or filter on live rows and columns? What if you could not only view it as rows and columns, but also as a link analysis diagram, a parallel coordinates view, or a bar graph that shows connection pathways and counts per pathway? And, what if you did not have to write any scripts or code to make this work?
That’s Click’s Dynamic Workbook. Designed specifically with the security practitioner in mind. Designed by analysts for analysts. Freeing him or her to think critically, and then create informative views of the data to expose the needles in the haystack - as opposed to spending your time writing cumbersome scripts – let alone waiting hours for them to run – just to make the data even mildly useful. The job of collecting and converting raw data into information has been done for you. Now it's all about the analysis. And the Dynamic Workbook transforms that effort from a time-consuming, frustrating experience into one that allows you to test hypotheses or delve into an anomalous incident without delay.