AI Aegis Lab Cyber Data Lake streamlines system and data integration and processing workflows. The service’s robust data transformation capabilities ensure that raw and complex logs are transformed into a clear and structured format, facilitating analysis and insights extraction.
AI Aegis Lab Cyber Data Lake is a powerful and comprehensive microservice data management platform for all log and system activity.
AI Aegis Lab Cyber Data Lake represents a crucial nexus within your organization’s cybersecurity behavioral data processing landscape. By leveraging a range of modules and microservices, it offers you a robust, efficient and flexible data management platform for handling all the event, process, and log data within your digital ecosystem:
1. Connectors are a set of configurable data fetchers that integrate with, and extract log data from, a range of systems, tools, and repositories. We support SIEMs, popular security software and third-party applications.
2. Converters are a set of routines that transform all unstructured and structured logs, monitoring data and system data into our universal format and structure.
3. Lightweight Agents gather all user interactions with other entities (end-points, apps, and systems) via a lightweight application which is easily installed on users’ machines.
Normalization is a critical process that transforms certain attributes of log data to facilitate accurate user and entity behavior modeling in subsequent stages. This process involves various steps, such as anonymizing personally identifiable information (PII) by excluding sensitive fields. Additionally, normalization includes mapping and consolidating multiple data identifiers of the same nature throughout the data pipeline. For instance, if a user has multiple IDs across different domains and applications, normalization ensures that these identifiers are properly mapped and consolidated for comprehensive analysis and modeling purposes. By performing normalization, organizations can enhance data consistency, integrity, and privacy, laying the foundation for robust cybersecurity analytics and insights extraction.
Log Enrichment is a process that enhances the data object by incorporating additional information as new fields. For example, this enrichment may involve adding a corresponding geotag to an IP address. By enriching logs with supplementary data, organizations can gain deeper context and insights into the events and activities recorded in the logs. Log Enrichment plays a crucial role in augmenting the data object with valuable details, enabling organizations to extract meaningful insights and make informed decisions based on the enriched log data.
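The normalization and enrichment stages described above, as an added illustration that is not the product's own code: PII fields are excluded, per-source user ids are consolidated into one entity id, and a geotag is attached to the source IP. The field names, identity map and prefix-to-geotag table are constructed assumptions standing in for a real identity store and GeoIP database.

```python
import ipaddress

# Constructed identity map (assumed schema): every known alias of a user,
# keyed by (source system, local id), resolves to one canonical entity id.
IDENTITY_MAP = {
    ("ad", "CORP\\jdoe"): "entity-0042",
    ("okta", "jdoe@example.com"): "entity-0042",
    ("vpn", "jdoe"): "entity-0042",
}
# Constructed prefix-to-geotag table standing in for a GeoIP database.
GEO_PREFIXES = {
    ipaddress.ip_network("203.0.113.0/24"): {"country": "NL", "city": "Amsterdam"},
    ipaddress.ip_network("198.51.100.0/24"): {"country": "US", "city": "Denver"},
}
# Ranges that can never be geolocated (RFC 1918 plus loopback).
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Fields treated as PII and excluded from the normalized record.
PII_FIELDS = {"ssn", "phone", "full_name", "email"}


def normalize(record):
    """Exclude PII fields and consolidate per-source user ids into one entity id."""
    out = {k: v for k, v in record.items() if k not in PII_FIELDS}
    alias = (record.get("source"), record.get("user_id"))
    entity = IDENTITY_MAP.get(alias)
    # An unmapped alias is kept but flagged, so the modeling stage can see the gap
    # instead of silently treating it as a separate entity.
    out["entity_id"] = entity if entity else f"unresolved:{alias[0]}:{alias[1]}"
    out["identity_resolved"] = entity is not None
    return out


def geotag(ip_text):
    """Return a geotag for a routable IP, or None for invalid or non-routable ones."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    if any(ip in net for net in NON_ROUTABLE):
        return None
    return next((g for net, g in GEO_PREFIXES.items() if ip in net), None)


def enrich(record):
    """Add a src_geo field derived from src_ip without altering existing fields."""
    out = dict(record)
    out["src_geo"] = geotag(record.get("src_ip", ""))
    return out


def process(record):
    """Normalize before enriching, so PII never reaches later stages or the feature store."""
    return enrich(normalize(record))
```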
Event Database is an optimized database specifically designed to store and manage cybersecurity event logs and records in their converted and normalized format.
Feature Database is an optimized database specifically designed to store and manage all behavioral features extracted from event logs.
API is a versatile service responsible for publishing and transporting all data (captured logs or computed features) across different processing layers.
AI Aegis Lab Cyber Data Lake supports a wide range of common SIEMs, network and application logs: