Core Features

The vision to prevail in a click.

"My teams had to comb through logs generated by a network of thousands of servers and hundreds of network devices. It used to take us days, even months to discover some breaches. Now, complex correlation and impact analysis is presented to us automatically - reducing the 'discovery to fix' interval dramatically."



Click Commander’s core features include:

graphic: scoring bad actors with APT analysis is an outstanding feature of our security analytics software

Click Commander transforms big data into prioritized actors.

Actors are any machine on your network being used by a person or malware to harm your IT assets.

Click Commander presents your highest risk actors in a simple, intuitive table. It pulls the data for its analytics from network traffic, file activity, logs and external threat intelligence feeds, and uses additional proprietary indicators of compromise to keep tabs on each actor in your network — in real-time. Maintaining continuous adaptive health scores, Click Commander shows you at all times which actor is the most anomalous — or outright dangerous.

This gives you the right start point to focus your efforts — the first step in converting big data into actionable intelligence.

graphic: visual dossier of network activity helps put bad actors in your cross-hairs. Unlike other network security tools, these signatures are updated continuously.

Click Commander helps you see the whole picture in real-time.

The visual actor dossier pulls the tens, hundreds, or thousands of relevant alerts and events per day into a view that shows you the relationships between actors and events — a much more effective way to consume big data.This enables the analyst to quickly see patterns of activity associated with the actor in question.

Click Commander provides visibility into actor identity, location and IP address, machine type, connections with other machines, data movement, or privileged account usage. It also gives you insight into the secondary and tertiary actor relationships in play, showing how far-reaching an incident may be.

Click Commander places this dossier of information at your fingertips — and constantly updates it — letting you focus on data analysis and not data gathering.

graphic: Click Commander automates your analysis expertise, for continuous detection analytics.

Click Commander automates your analysis expertise into a new real-time continuous analytic — instantly encoding your latest Incident knowledge into actionable intelligence.

With Click Commander, each analysis step you take — filter, whitelist, augment, etc. — is captured in the background, creating the code for the adaptive analytic. Once you are satisfied that all conditions have been modeled properly, Click Commander automates two key closure steps:

1. The actor dossier is packaged for direct inclusion into your trouble ticketing system allowing your organization to remediate the specific actor in question.

2. The new analytic is incorporated into Click Commander’s continuous stream processing engine so this pattern will be automatically recognized in the future.

Click Commander provides advanced threat detection and business risk visibility to each level of security management:


Analysts get a live dashboard of key activity indicators, the ability to easily request tailored data sets for fast visualization, pivoting between multiple graphical views of a data set as well as the data set itself; plus the ability to capture a query-based URL that can be shared with other users.

Security business managers maintain an at-a-glance view of key security metrics being surfaced by analytics that constantly comb the IT environment for anomalous behavior.

CISOs and other C-level executives gain insight into the health of their network, allowing them to focus on running their business with complete confidence.