Unlimited volume, open architecture
Cost-effective storage and compute deliver effective and efficient detection and response. Let the platform self-manage scale so you can focus on security. Open APIs integrate with all of your tools.
Data Transformation – Create Contextual Data
Create Interflow from all data sources through the Data Fusion engine running within the Data Lake. Don’t worry about setting up complicated post-processing pipelines to make your security data more valuable; this is done up front.
Data Scalability – Unlimited Data Volume
Cloud-native architecture with clustering for large data volumes ensures that the platform grows with your security operations. Containers, Kubernetes and NoSQL storage are the building blocks of the Data Lake microservices architecture. Scale up and scale down to accelerate your search and threat hunting workflows.
Data Access – Open Architecture
Data stored in the Data Lake can be accessed either directly through the UI, via a rich set of APIs for easy integration with other tools like SOAR, or through Data Sink to send data to object storage or legacy SIEM tools.
Data Availability – Prevent Data Loss
Multiple data availability features are built into the Data Lake including clustering, monitoring, data replication, disaster recovery, warm-standby and data buffering. Prevent data loss automatically to stay focused on security.
Data Search – Fast Response
A modern data lake for big data allows fast search of any content in any field across a large volume of stored data. Triage alerts, hunt threats and resolve incidents in minutes, not days or weeks.