For a demo and to learn more about Sqrrl’s big data capabilities, please call (804) 814-0384 or email Katie@triadtechpartners.com.
Sqrrl is the Big Data company that develops Sqrrl Enterprise, which is the most secure, scalable, and flexible NoSQL database for building real-time Big Data applications. Sqrrl Enterprise is powered by Apache Accumulo and Hadoop. Sqrrl Enterprise extends the capabilities of Accumulo with additional data ingest, security, and real-time analytical features that help unlock the power of Big Data.
Sqrrl Enterprise enables the ingest and analysis of disparate datasets to facilitate proactive threat detection, a practice known as cyber threat hunting.
- Target: Scope the data sets that will be used in your investigation. Hunts can branch from various starting points or “trailheads”. These include indicator-driven structured hunts and hypothesis-driven exploratory hunts, both of which can be optimized with automated analytics and machine learning.
- Hunt: Proactively and iteratively search through network and endpoint data to detect and isolate advanced threats that evade more traditional security solutions.
- Disrupt: By seamlessly pivoting from hunting to forensic analysis, disrupt adversaries before they fully execute their attacks. These analyses can generate new indicators to feed into complementary security systems, creating an effective security feedback loop, what we call Advanced Persistent Defense.
To learn more about threat hunting, read the SANS white paper sponsored by Sqrrl.