By tying analytics and forensics together intrinsically, Niara provides security analysts with easy access to complete context on why something was flagged as high risk and enables better decision making. All of Niara’s user and entity behavior analytics (UEBA) are backed up with deep forensics, enhancing the investigative capabilities of frontline analysts. And with highly efficient indexing, experienced analysts can quickly perform complex threat hunting without having to search across multiple siloed systems to gather the necessary information.
Niara maintains high-fidelity forensics to support results delivered through its behavioral analytics modules. From anywhere in the platform (e.g., Entity360 risk profiles, alert summaries) analysts get fingertip access to layered forensics that include transaction-level metadata, files, event details, timeline views of entity profiles, and access to raw data including PCAPs, all invaluable for prioritizing which alerts to investigate.
Niara’s approach to supporting analytics results with rich forensics includes access to the raw data, which can optionally be turned on. By using patent-pending innovations in data reduction, policy-based packet retention, and real-time compression, Niara enables analysts to access the raw data more efficiently than in existing systems.