Technology-slider

TECHNOLOGY

Pioneering Network Event Correlation

CORRELATED
EVENTS, FLOWS & ASSETS

Next Generation Event Management

Designed to provide fast, useful insight, Fluency focuses on correlating events with application flows. This differs from the traditional security information event manager approach, which focuses on lists and dashboards. Without Fluency’s application network vision, there is no context. Without contextual information, alerts and events are almost impossible to understand.

ML Risk Scoring

Fluency’s machine learning risk scoring occurs in realtime.  Fluency’s Risk Scoring mimics the processes of Tier One  analysts.  This means an automated 7×24 vigilance of your data. With autocorrelation, Risk Scoring incorporates all the vectors of data available to the system producing the most accurate view and analysis of every trend in your logs, and allowing people to focus on responding to issues instead of hunting for them.  Making this even more powerful is Fluency’s ability to act upon a scored event in a programmable manner that matches your needs.

Orchestration

Fluency introduces fully scalable and programmable orchestration.  Fluency provides an open framework to allow organizations to orchestrate relationships between events and responses in a realtime manner.  Orchestration combined with Fluency’s Risk Scoring allows organizations to begin a response process immediately. Orchestration allows for repetitive actions, such as scanning a newly discovered system, to occur immediately.  It also means that the system can respond to issues immediately, reducing the cost of impact and cost to respond.

Autocorrelation

The foundation of Fluency’s perspective on how to make vision easier to use is autocorrelation. While other log management systems focus on lists, Fluency focuses on relationships and correlation. As messages enter the system, they are categorized by matching activity, which is correlated with corresponding flow data. This groups activities from different sources into common activities, without requiring database rule triggering or programming.

Graph Database Technology

One of the newest technologies in databases is the graph database. Traditional databases focus on transactions, also knowns as nodes. Graph databases are different, because they focus on the relationship between nodes. When performing big data analytics, the identification of these relationships is critical. Fluency maintains both a big-data database for transactions, and a graph database for relationships.  This combination enables Fluency to identify relationships between events and attributes, resulting in quicker, more efficient data analysis. This, in turn, allows for complicated real-time analytics and searches.

Big Data Foundation

All of the major SIEMs today were created using relational databases, or flat files. For this reason, they do not scale well, and are only designed for handling alerts. For this very reason, the idea of tuning is engrained into the SIEM and detection cultures. SIEM technologies struggle to handle alerts in high volume. Application flow data requires dedicated, comprehensive big data architecture, something SIEM technology cannot offer.

Events In Real-Time

Fluency has well-engineered preprocessing systems that evaluate and tag information before it enters the databases. This enables a number of enhancements, such as tagging and real-time response. Fluency never polls the database, but uses preprocessors to watch for events that require action. This makes Fluency a true real-time response and analytics system.