What we do

jSonar provides DCAP & next-generation security data lake solutions on-prem and in the Cloud. We deliver out-of-the-box Security Data Lakes that can be deployed and used within days and weeks rather than years. Our flagship product – DCAP Central – has helped the largest and most respected companies move from siloed and fragmented security implementations to efficient Data Centric Audit and Protection (DCAP) programs while preserving their existing investment in security tooling and reducing both risk and cost.

Our Security and Compliance Data Lake solutions include everything you need out of the box. We do not give you a bag of open source tools that require years of development and endless maintenance efforts. Importantly, our data lake projects always succeed whereas first generation security data lakes have had a less than stellar success rate (some analysts say as low as 1%). Our data lakes are fast to deploy, easy to use and fully functional from the start, with built-in machine learning and AI, and they keep data in a live, usable form no matter what your retention needs are. Our lakes address both your security and compliance needs in a single low-cost platform.



DCAP Central is a Big Data Lake built for aggregating, storing, reporting and analyzing data related to Database Security, Database Activity Monitoring (DAM), File Activity Monitoring (FAM), Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Access Security Brokers (CASB) and other data-related security sources. Long-term, highly granular activity, vulnerability, entitlement and audit information can now be consolidated into an inexpensive centralized audit platform, providing improved access to rich activity information while simplifying data collection processes and reducing operational costs. DCAP Central is not just great at managing the data, reporting and long-term retention; it also includes machine-learning engines, algorithms and services that uncover insights, issues and improvements based on the collected data – all out-of-the-box and with no development needed. Justification engines, 360-degree views of both assets and users, and compliance templates round out the picture, allowing you to increase security, simplify operations and reduce the cost of compliance.

To learn more read our DCAP Central white papers


Security and compliance data cloud

SonarC2 is a Cloud Data Lake for security and compliance (the two C-s in the name are one for Cloud and one for Compliance). SonarC2 brings the convenience and low cost of the Cloud to your security data. Whether you choose to deploy SonarC2 on-prem using enterprise object stores, in a private cloud or on any one of the public clouds, storing and using security data cannot get any simpler. SonarC2 handles data lifecycle automatically for you and gives you access to all data, at any time, using any tool, by any user. Plus, search, dashboards, modeling and analytics are built-in – so you get the benefits of low cost and ease-of-use without having to develop anything yourself.

SonarC2’s Cloud-Based Active Infinite Retention (CAIR) combines the use of cloud storage and on-prem object stores to provide you with infinite self-managed retention of security and audit data without requiring clusters of machines. Speed and availability with minimal cost, alongside rich functionality such as workflow, profiling, UBA, search and analytics – all providing an order-of-magnitude better performance and order-of-magnitude reduction in complexity and development cost. Supported clouds include Amazon AWS, Microsoft Azure, Google GCP, IBM SoftLayer as well as private clouds utilizing local storage, SANs and object stores.

You can also use SonarC2 to optimize your existing security data lake. With over 700 connectors (including Hadoop, Spark, R and scikit connectors, a Kafka interface and much more) and the ultimate NoSQL flexibility, SonarC2 is perfect as a pre- and post-processor to make existing security lakes cost less and provide more value. Instead of spending time developing and maintaining bespoke code, use best-of-breed models and algorithms to make your security data lake provide more value to your users. Treat your security data to a spa-like experience.

To learn more read our SonarC2 white papers


Long-term retention for SIEM

Compliance requirements keep getting more stringent and as a result security budgets are being stretched to the breaking point. Rather than spending the money on things that improve security, the money is spent on compliance; the cost of compliance has become prohibitive.

Enter SonarC2 – a solution that reduces the cost of compliance and long-term retention of security data using on-prem object stores and clouds (both public and private) while producing an always-on and always-queryable analytics-native archive for security data at a fraction of the cost of existing security lakes and SIEM extensions. SonarC2 is easy to integrate with your existing SIEM – Splunk, QRadar, ArcSight, LogRhythm, RSA etc. – usually requiring only the setup of syslog forwarding. SonarC2 then provides ultra-low-cost long-term retention for your SIEM and allows you to keep your SIEM focused on what’s recent and important, while keeping the data secure and always available without ever having to jump through restore hoops and risk not being able to retrieve data.

To learn more read our SonarC2 white papers


Big Data, Analytics and Optimization for Guardium

Leveraging years of Guardium expertise and next generation Big Data technology, SonarG modernizes Guardium environments in three critical dimensions: 1) Simplifying data collection, management and long-term retention, 2) Enabling flexible, self-service data access and enrichment and 3) Delivering security analytics, machine learning and UEBA specifically targeted at the database tier. SonarG dramatically increases the value of your Guardium investment by solving for both sides of the value equation: Reducing infrastructure and operating costs by >25% while increasing the breadth of functionality and benefits available for every DAM deployment.

To learn more read our SonarG white papers

Security Lake Architecture



4 of the top-10 U.S. banks & 5 of the top-10 U.S. insurance companies use jSonar Security Data Lakes


Find out more about the 16 areas highlighted below



jSonar data lakes have built-in analytic engines, services and models. Whether for outlier detection and behavior analytics, for determining and maintaining trusted sources, for building a 360-degree view of assets or users, all the functionality is a part of the data lake. Derive insights from your data without hiring armies of consultants or burning your security budgets on services that will yield unmanageable stacks. Everything you need is a part of the lake and can be used out of the box; all based on machine-learning algorithms and models that are easy to use and easy to tweak. Plus, because jSonar data lakes are open to all mainstream tools and frameworks there is no lock-in and you can bring your own tools, algorithms and models as well.



jSonar data lakes use patented and patent-pending techniques to allow you to stretch your retention without stretching your budgets. If you need to retain data for 13 months – easy. If you need to abide by NY regulations and retain data for 3 years – just as easy. Longer – fine. The data lake manages your security information lifecycle automatically and in a way that you can always query the data immediately using any sort of search or report.

jSonar data lakes run on Linux servers utilizing direct-attached disks, SAN, HDFS or object stores. Both enterprise (on-prem) object stores as well as all cloud object stores are supported. You decide what retention policy makes sense and the data lake automatically manages movement and long-term retention of data across hot, cold and offline storage. The data is always available for you to query – you do not need to worry about where the data resides. You benefit from ultra-low costs, the ultimate in availability and durability all within the simplest of solutions requiring zero administration.



jSonar data lakes store data natively as compressed columnar JSON within a highly-optimized NoSQL data store. The system uses a flexible schema approach so that any data can be ingested without the need to define schema, mapping, types etc. Each object is a JSON document that is self-contained and independent. JSON flexibility is augmented by shredding the JSON into an efficient compressed column-store. Data is compressed and de-duplicated, yielding better storage profiles than indexing systems. Using a column-store means that every field in any document can be searched on (it is like having an index on any field) – all done automatically and without user intervention. The combination of a column-store with an execution engine that utilizes SIMD, pipeline, vector-based techniques and much more also means better performance than indexing systems. Finally, the compute layer provides the richest set of operators for analytics so that work can be done within the efficient execution system, preventing the need to move large amounts of data around – usually yielding two or three orders of magnitude better performance than other systems.




jSonar data lakes are easy to access and provide unparalleled possibilities in terms of integration. You can access data through both NoSQL and SQL so you can use any of your existing Business Intelligence (BI) tools such as Qlik and Tableau. Access using a variety of NoSQL drivers and tools is supported natively – examples include Alteryx and Splunk as well as open source environments such as R, scikit, Hadoop and Spark. Finally, the NoSQL layer allows rapid integration with a variety of environments without the need for development, for example, enriching security event and audit data with CyberArk and ServiceNow data.


Monitoring for Database as a Service (DBaaS) and for Cloud Activities

The SonarG Database Security Lake supports monitoring cloud Database as a Service solutions such as Azure SQL, Azure CosmosDB and Amazon AWS RDS.
The SonarC2 Security Cloud connects to services such as Azure Event Hubs and AWS CloudWatch for aggregating and analyzing any security events.



jSonar is a highly-profitable VC-based company headquartered in Boston, MA.
Our founders include serial entrepreneurs and industry veterans in the areas of security, analytics and Big Data.
Our sole focus is our customers – we are here to make your security lake succeed.
Our technology has no equal and that translates into better experiences and better outcomes.

If you want to make Security Intelligence work well, call us or email simple@jsonar.com