Security Operations Platform
Accelerated Threat Discovery and Investigation
Faster, Easier, Smarter Security Operations
Sift offers a powerful new way to investigate and detect new threats before your business is impacted. The relational graph, cutting-edge machine learning, and novel anomaly detection algorithms are used to accelerate investigation times and identify abnormal indicators and areas of hidden risk.
Sift helps your Security Operations Teams do their jobs faster and easier, with new unique intelligence, so they can focus on mitigating the real threats in your environment:
Security Operations can prioritize alerts and easily perform initial investigations.
Incident Response teams can greatly accelerate complex investigations.
Threat Hunters can proactively identify unknown threats.
"Sift Security reduces time to investigate from weeks to minutes."
-- VP Infrastructure & Operations, Ionic Security.
The Sift Security Solution
Relational Graph Context
Sift integrates data from many sources, including netflow, logs, email, and third-party alerts, to build a relational graph of entities linked by events and behaviors. By capturing their relationships in real-time, Sift provides unique security context about causal relationships, related risk, and anomalous behavior.
Anomaly Detection
Unsupervised machine learning combined with state-of-the-art anomaly detection is applied to the real-time network and host events in the relational graph to identify rare events, spikes, and out-of-context behaviors, surfacing the highest priority threats and clusters of risk. Sift machine learning continually adapts to any user-provided context, including important users, hosts, and files, learning the specifics of the environment and performing increasingly well over time.
Advanced Visualizations
Within the UI, a user can navigate the relational graph and investigate the highest priority and most likely threats. Advanced graph visualizations, navigations, and risk metrics are all used to home in on where true risk lies in the environment.
Flexible and Easy Deployment
Sift can be deployed on premise or in a virtual private cloud on top of leading big data distributions such as Cloudera, Hortonworks, MapR, and Elastic. Deployment can be done in hours and does not require additional agents or network probes. Data is collected directly from the original source, but can also be pulled from existing SIEM and log management tools.
The Sift Security Advantage
“With Sift Security, I can get the context I need quickly and figure out what really caused the problem.”
— CIO, LA LGBT Center
“Sift Security’s graph visualization and workflow is intuitive, powerful, and enables my team to be significantly more productive.”
— Chief Security Officer