Smart Investigator - Security done smart

Report packs for multiple technologies (Windows, Active Directory, Linux, NEC NeoFace®).

Automated anomaly detection in events (e.g logons) every day/week/month

Ultra fast response time (under 5 seconds for any query)

Unlimited horizontal scalability

Custom report creation and organization

Fully integrated with major SIEMs: real-time / schedule based connectivity for data feeds

No SQL database storage

Integrated software-hardware package

Advanced event browser

Extending Your Security Systems' Capabilities

Accurate On-The-Spot Event Identification Starting from One Single Exception Event

Smart Investigator includes a state-of-the-art anomaly detection engine. As data flows between SIEM systems and Smart Investigator, the Anomaly Analyzer automatically creates access patterns for users, based on an innovative self-learning system. Data is then checked within the application modules to quickly identify out-of-the-ordinary events.

Advanced Event Search & Filter. Correlation between Tens of Millions of Events in Seconds

Smart Investigator is using latest generation No-SQL database, being able to find related data based on specific criteria in terms of seconds, instead of hours in the case of traditional database technologies. It performs Full Text Search in event data, in a quick and responsive manner.

User-Defined, Real-Time Alerts

Smart Investigator is also an innovative alerting system with real-time, user-defined alerts, addressing the most specific event requirements, ensuring great accuracy and minimum false alerts, in order to enable immediate measures.

Context Sensitive Dashboards for Rapid Decision Making among Infinite Data Logs

The audited data is quickly sliced and thoroughly organized into multiple categories of information, to offer an immediate documented overview. All dashboards are context sensitive, meaning that data is sliced on the specific context it was generated from. This context can be very simple - from data filtered on just a plain user, to very complex, as the filter field supports logical expressions.

Complete Investigation Module

The investigation module presents the audited data using a graphical interface, enabling security investigators to access the correlated view of security information through a single dashboard. Audit trees are context sensitive and contain correlated data based on predefined user criteria.

Predefined Scheduled Reports for Compliance and Optimized Internal Effort

Smart Investigator’s set of predefined custom reports ensure compliance based on internationally recognized standards and frameworks (ISO 27001, COBIT - Control Objectives for Information and Related Technology, FISMA - Federal Information Security Management Act, HIPPA - Health Insurance Portability and Accountability Act, PCI / DSS - Payment Card Industry / Data Security Standard, SOX - Sarbanes-Oxley Act) and increase the efficiency of the security team.

Integration with Physical Security Systems

The application includes native integration with video analytics modules to offer a quick correlation between physical and virtual events. This way, security investigators can quickly correlate data logs with real life events from the actual physical locations in order to find the sources of issues.

A Great User Experience and Intuitive User Interfaces

Smart Investigator’s interfaces have been created based on the latest standards and research for an enhanced user experience and coherent user interaction flow, in order to make the application easy to learn and remember, nice and efficient to use with a low error rate.

Contact our cybersecurity experts to find out more details now