EZAccur uses big data technology to collect all kinds of security-related log and network traffic information for centralized storage and rapid analysis. It provides rule-based security event correlation analysis and also identifies abnormal user behavior through machine learning. This improves the accuracy and timeliness of security risk assessment, quantifies the full set of operational indicators, proactively discovers internal and external attacks and violations, and issues real-time alarms to give business systems all-round protection.
As the brain and headquarters of the security system, EZAccur gives enterprises a technical support platform for building a new generation of security operations center (NGSOC). EZAccur runs through the lifecycle management of security events (collection, awareness, grading, investigation, response and optimization). It is equipped with linear scaling, high-performance search, visual survey tools, and a built-in machine learning engine that combines threat intelligence and anomaly detection to make the investigation and handling of security events more intelligent, visualized and streamlined, effectively improving the efficiency of enterprise security operations.
Dual Data (Log and Network Traffic) Collection and Analysis
In a distributed architecture, EZAccur not only collects logs in real-time from various log sources in different ways but also supports user-defined application log collection as needed.
It supports log analysis for major security devices, hosts, software, and application systems.
Network traffic can also be ingested as another type of data source to do performance analysis and anomaly detection.
Data Storage and Processing Using Big Data Technology
EZAccur uses a distributed storage and indexing mechanism for the acquired log and traffic data. The system architecture can be scaled horizontally according to the data volume to ensure rapid retrieval and correlation analysis.
Analysis and Intelligence-Driven Security Incident Investigation
With security rules and machine learning algorithms, the standardized event data can be used to identify issues (or potential security risks), in combination with asset information and threat intelligence.
• Correlation analysis using security rules
The platform has a built-in series of correlation analysis rules and use cases, covering both external attack discovery and internal compliance auditing.
Users can also develop their own analysis rules in a very flexible way as needed.
• Analysis of abnormal behavior using machine learning
The platform combines big data, data mining and machine learning technology to analyze massive heterogeneous security data and build a model of normal user access behavior in real time. Any new access behavior that differs from the behavior baseline is promptly tagged as abnormal.
• Event management using asset information
The platform combines asset information with threat information from different sources to accurately locate security events in the log information and, from there, identify security risks.
Customizable Alarm Rules
The alarm rules can be configured from multiple dimensions such as time, content, and main body. It can be integrated with external response remediation systems through email/RSS/Syslog or a customized Web-Service interface.
The platform provides cross-device multi-keyword retrieval and query functions for alarms.
With the capability to reverse-track events and security objects that generate related alarms, EZAccur provides a powerful search function for the security team.
Rich Event Visualization Components
EZAccur provides visualized views of security events, including data tables, numerical trends, line graphs, pie charts, histograms, stacked graphs, radar charts, area charts, Sankey diagrams, event maps, swimlane diagrams, and heat maps.
It can be a powerful tool for security event analysis through the whole incident monitoring cycle, from real-time alarms, visual displays and query retrieval to investigation and response remediation.
From Passive Security to Active Security
EZAccur will identify abnormal behaviors of users through machine learning, improve the accuracy and timeliness of security risk assessment, and quantify the security operational indicators to achieve rapid location, traceability and disposal of security
The brain and headquarters of the security protection system
EZAccur runs through lifecycle management of security event (collection, awareness, grading, investigation, response and optimization), equipped with linear scaling, high-performance search, visual survey tools, and built-in machine learning engine, which