ENSIGN: Cyber

Finding Deep Patterns at Enterprise Scale

ENSIGN is used by security administrators and threat specialists to mine large volumes of unlabeled multidimensional data, such as spreadsheets or logs, for patterns that cue investigations.

These patterns are used in day-to-day operations to discover “what has changed” and support skilled hunt teams who use them to make directed, efficient use of big-graph platforms and search tools. 

In both cases, ENSIGN’s advanced unsupervised machine learning capability connects key dots that make clear who the relevant actors are.

In this way, ENSIGN is the ultimate forensics tool for navigating big data.

Core Capabilities

Organizations collect more data than they can effectively analyze. ENSIGN provides a singular tool to make use of all the data you are collecting now, without the need for time-consuming labeling or complex feature engineering.

Whether you are using Elastic, Splunk, Neo4j or something else, ENSIGN provides the forensic trailheads necessary to make smart, focused use of modern search tools. Form queries relevant to your data. No more boiling the ocean to get thousands of hits against abstract patterns.

Today’s attackers are smart. Security professionals make mistakes. Rules can be incomplete and outdated. With ENSIGN see the real story in your data, without bias. Discover what you thought you were protected against.

Statistics only tell part of the story. With ENSIGN you can see the patterns that make up your data, over any time interval. Learn to separate the normal from the suspicious, the high-volume activity from the low and slow, and find what you didn’t know you were looking for.

ENSIGN on HPE Superdome Flex

ENSIGN and HPE Superdome Flex offer a unique software-hardware solution to turn massive amounts of data into critical actionable insights. This product partnership has been demonstrated in the cybersecurity space to accelerate data analytics, tackle large-scale workloads, and enable critical applications. ENSIGN fully and seamlessly utilizes the compute power offered by Superdome Flex for demanding in-memory workloads and enables quick turnaround time for cyber analytics on massive rapidly growing data. ENSIGN enables high performance at scale effectively exploiting the ultra-low latency and high bandwidth benefits offered by Superdome Flex for high-end in-memory computing.

Read the full Reference Architecture paper from HPE here.

Meet Some of Our Team

James Ezick

VP Engineering
Bio

Muthu Baskaran

Fellow & Managing Engineer
Bio

Dimitri Leggas

Research Engineer
Bio

Brendan von Hofe

Research Engineer
Bio

Get in touch with one of our experts today