TITAN


Cyberdata Fusion & Netops Architecture

Drive Anticipatory Execution with a Strategy & Plan for Future State Operations


TITAN ties existing tools together to enhance operations, determine root cause and anticipate failures that could impact mission performance. It helps analysts filter “noise” to focus on actionable events, improving response time. TITAN is an integration of Logstash and Elasticsearch into an established Splunk ecosystem.



FEATURES & BENEFITS


  • Cyber Security Mission

    • Insider Threat Detection

    • Anomalous network activity

    • Security Policy Manipulation

    • Compliance Alteration Detection

    • Malicious user reconnaissance detection

  • SPLUNK Throttle

    • Selective event modification and forwarding

    • Operational processing and temporal data archiving

    • Selective event, alert processing and forwarding

    • Cost savings; data storage and indexer licensing

  • Graph Database Visualizations

    • Root cause analysis; cyber events

    • Malware and virus detection

    • Forensic analysis; temporal and real-time data

    • Event linkage, relationship detection and visualization



TITAN Architecture


Accelerate security life cycle management with the integration of Logstash and Elasticsearch into a Splunk ecosystem.

SOCTRAQ

  • Provides directed focus and correlation for analysts to help find needle-in-a-haystack issues and threats in the sea of network and SIEM data

  • Incorporates visual elements of “movement” to support active identification of state change and potential advanced threats

  • Compiles disparate alerts/events into an identifiable threat chain and graphically depicts events and how their linkage could result in a compromise or breach

Graph DB

  • Identifies and displays connections between log messages that are collected from servers, workstations and network devices that otherwise might go unnoticed

  • An advanced analytics tool for big data environments

  • Handles both structured and unstructured data equally

Elastic Stack (ELK)

  • An open source platform that is easily obtained, moderately complex to deploy and requires moderate Linux/Windows skills to manage and maintain

  • CyForce is currently working on enhancing the ELK Stack ecosystem with management interfaces, configuration wizards and mobile platform applications.