Boxtrap Security Analytics for the Enterprise

Machine learning, big-data, value-centric, software-defined security

 

Today's security solutions do not provide what is expected and do not protect companies and individuals from common cyber-attacks. Decision makers remain blind and make decisions on inaccurate, foggy and untrustworthy information. 

Boxtrap is quite a different story. Come and find out with us.

Machine learning and Big-data:

  • The system analyzes and learns specific indicators that contribute to "self-optimization" functions

  • Boxtrap leverages advanced mathematical statistics to identify hidden threats and anomalies in highly complex environments

  • We utilize already deployed big-data storage or implement a highly available big-data database system for all types of structured, semi-structured and unstructured data. Note: Boxtrap supports major types of big-data storage such as ElasticSearch, MongoDB and Apache Hadoop

Value for the client: Protection against simple and advanced cyber-threats, constant compliance and audit readiness

Value-centric system and Behavior Analysis:

  • Boxtrap understands what objects are present in the client's IT environment and maintains the most accurate "value-centric" model of what is truly important

  • We integrate business-related data to determine importance for the most accurate protection

Value for the client: Management understands "what is going on"; capability to set up the platform's accuracy based on available personnel and budget

Next-generation workflow:

  • We are focused on a great user experience and on capabilities to connect Boxtrap to internal company processes

  • Dynamic cost control helps to quickly set up platform parameters to control IT security labor costs at will

Value for the client: Constantly trustworthy output, advanced user-analytic flow

Software-defined Security:

  • Boxtrap understands what objects are present in the client's IT environment and maintains the most accurate "value-centric" model of what is truly important

  • We integrate business-related data to determine importance for the most accurate protection

Value for the client: Ready for dynamic cloud and SDN environments


Boxtrap Security Analytics in a general corporate IT environment:

A typical mid-size company environment may have the following parameters:

  • Reason to act: Protection of client's data, protection of corporate brand and good name, compliance with industry standards and national legislation
  • Up to 5000 endpoint devices
  • Mid-size security infrastructure containing network firewalls (edge, LAN), NIDPS for critical network segments, basic central IdM (Identity Management) service
  • Non-vital services are hosted in a worldwide cloud service
  • Basic central log repository with data retention > 60 days

Solution:

The Boxtrap technical team performs an initial security analysis with the goal of understanding the client's conditions and available data, and of designing simple and statistical use cases.

Boxtrap provides the following benefits:

  • Compliance with GDPR [1]
  • Data optimization and gathering using an intelligent high-speed gateway
  • Leveraging the current big-data store (a big-data store can also be part of our delivery)
  • Authentication and protected access to current big-data store
  • Detection of simple anomalies and complex, hidden attacks
  • Semi-automated optimization of detection mechanisms
  • Capability to extend the company security strategy to cloud services, e.g. AWS, Microsoft Azure and more
  • Note: Now also available as a hosted service

Sources:

[1] EU General Data Protection Regulation, http://www.eugdpr.org


Boxtrap Security Analytics in the Finance sector

A typical organization in the finance industry:

  • Reason to act: Compliance with various industry standards, e.g. SOX (Sarbanes-Oxley) [1], PCI-DSS [2] and national/international cyber-security legislation. Protection of clients' PII (personally identifiable information), reputation loss prevention and much more
  • More than 200 GB of structured/semi-structured logs per day
  • Up to 10 000 endpoint devices
  • Linux, Windows OS based server infrastructure
  • Specialized i5/OS AS400 [3] server farms
  • Massive virtual environments based on VMware ESX
  • Large security infrastructure containing network firewalls (edge, LAN), NIDPS for network perimeter and internal segments, 802.1x in place, company-wide central IdM (Identity Management) service
  • Internal cyber-security response program

Solution:

Boxtrap implements an intelligent cyber-security layer on top of the client's distributed big-data store.

Boxtrap Alpha for Finance

Scheme: Boxtrap Security Analytics for Enterprises - Financial sector

Boxtrap provides the following benefits:

  • Helps to stay compliant with SOX [1], PCI-DSS [2] and national/international cyber-security legislation
  • Capability to detect and alert on cyber-security policy breaches
  • Detection of complex cyber-attack campaigns
  • i5/AS400 [3] platform integrated into the broader information security strategy and threat detection
  • Automated security analytics on top of the company's big-data storage
  • Capability to dynamically manage costs for cyber-security teams
  • Constantly trustworthy output ready for decision makers
  • Capability to gather and optimize the stream of logs from the primary and secondary datacenters
  • Actionable insight for cyber-security response team