DCAP (DATA-CENTRIC AUDIT AND PROTECTION) DATA LAKES
DCAP Central is a Big Data Lake built for aggregating, storing, reporting and analyzing data related to Database Security, Database Activity Monitoring (DAM), File Activity Monitoring (FAM), Data Loss Prevention (DLP), Identity and Access Management (IAM), Cloud Access Security Brokers (CASB) and other data-related security sources. Long-term, highly granular activity, vulnerability, entitlement and audit information can now be consolidated into an inexpensive centralized audit platform, providing improved access to rich activity information while simplifying data collection processes and reducing operational costs. DCAP Central is not just great at managing the data, reporting and long-term retention; it also includes machine-learning engines, algorithms and services that uncover insights, issues and improvements based on the collected data – all out-of-the-box and with no development needed. Justification engines, 360-degree views of both assets and users, and compliance templates round out the picture, allowing you to increase security, simplify operations and reduce the cost of compliance.
Security and compliance data cloud
SonarC2 is a Cloud Data Lake for security and compliance (the two Cs in the name stand for Cloud and Compliance). SonarC2 brings the convenience and low cost of the Cloud to your security data. Whether you choose to deploy SonarC2 on-prem using enterprise object stores, in a private cloud or on any one of the public clouds, storing and using security data cannot get any simpler. SonarC2 handles data lifecycle automatically for you and gives you access to all data, at any time, using any tool, by any user. Plus, search, dashboards, modeling and analytics are built-in – so you get the benefits of low cost and ease-of-use without having to develop anything yourself.
SonarC2's Cloud-Based Active Infinite Retention (CAIR) combines the use of cloud storage and on-prem object stores to provide you with infinite self-managed retention of security and audit data without requiring clusters of machines. Speed and availability with minimal cost, alongside rich functionality such as workflow, profiling, UBA, search and analytics – all providing an order-of-magnitude better performance and order-of-magnitude reduction in complexity and development cost. Supported clouds include Amazon AWS, Microsoft Azure, Google GCP, IBM SoftLayer as well as private clouds utilizing local storage, SANs and object stores.
You can also use SonarC2 to optimize your existing security data lake. With over 700 connectors (including Hadoop, Spark, R and scikit connectors, a Kafka interface and much more) and the ultimate NoSQL flexibility, SonarC2 is perfect as a pre- and post-processor to make existing security lakes cost less and provide more value. Instead of spending time developing and maintaining bespoke code, use best-of-breed models and algorithms to make your security data lake provide more value to your users. Treat your security data to a spa-like experience.
Long-term retention for SIEM
Compliance requirements keep getting more stringent and as a result security budgets are being stretched to the breaking point. Rather than spending the money on things that improve security, the money is spent on compliance; the cost of compliance has become prohibitive.
Enter SonarC2 – a solution that reduces the cost of compliance and long-term retention of security data using on-prem object stores and clouds (both public and private) while producing an always-on and always-queryable analytics-native archive for security data at a fraction of the cost of existing security lakes and SIEM extensions. SonarC2 is easy to integrate with your existing SIEM – Splunk, QRadar, ArcSight, LogRhythm, RSA, etc. – usually requiring only the setup of syslog forwarding. SonarC2 then provides ultra-low-cost long-term retention for your SIEM and allows you to keep your SIEM focused on what's recent and important, while keeping the data secure and always available without ever having to jump through restore hoops and risk not being able to retrieve data.
Big Data, Analytics and Optimization for Guardium
Leveraging years of Guardium expertise and next-generation Big Data technology, SonarG modernizes Guardium environments in three critical dimensions: 1) simplifying data collection, management and long-term retention, 2) enabling flexible, self-service data access and enrichment and 3) delivering security analytics, machine learning and UEBA specifically targeted at the database tier. SonarG dramatically increases the value of your Guardium investment by solving for both sides of the value equation: reducing infrastructure and operating costs by >25% while increasing the breadth of functionality and benefits available for every DAM deployment.
UNIVERSAL ACCESS & INTEGRATION
jSonar data lakes are easy to access and provide unparalleled possibilities in terms of integration. You can access data through both NoSQL and SQL, so you can use any of your existing Business Intelligence (BI) tools such as Qlik and Tableau. Access using a variety of NoSQL drivers and tools is supported natively – examples include Alteryx and Splunk as well as open source environments such as R, scikit, Hadoop and Spark. Finally, the NoSQL layer allows rapid integration with a variety of environments without the need for development, for example, enriching security event and audit data with CyberArk and ServiceNow data.
Monitoring for Database as a Service (DBaaS) and for Cloud Activities
The SonarG Database Security Lake supports monitoring cloud Database as a Service solutions such as Azure SQL, Azure Cosmos DB and Amazon AWS RDS.
The SonarC2 Security Cloud connects to services such as Azure Event Hubs and AWS CloudWatch for aggregating and analyzing any security events.