Real Time Analytics (RTA) is a cyber security monitoring and incident response solution that can ingest, normalize, enrich, analyze and index huge flows of events in real time, enabling the analyst to detect anomalies and establishing the conditions to rapidly strike back.
RTA can be described as a “Time Machine” that lets the analyst gather historical information in order to “freeze the crime scene” in dynamic and ever-changing situations. This Time Machine also lets the analyst flash forward to gather information about the potential effects of events as they occur.
Its value drivers are:
Find the needle in the haystack
The collection and analysis of millions of events in real time makes it possible to follow the “entities” and find all the patterns and behaviors related to unknown structured attacks.
Adding context to all incoming events generates understandable data and improves detection of unknown complex attacks. More context means better insight.
Drill Down and Situation Awareness
Entity-oriented visualization and drill-down, combined with time-oriented analysis similar to a video recorder, allow the security analyst to better identify the entities and their relationships with respect to a security incident and to support the reaction plan.