Take advantage of Apache Spot's tools to perform further analysis of the suspicious activity detected by our machine learning algorithm.
Study suspicious network activity by looking at a list of security threats detected by Apache Spot's machine learning algorithm.
Have a nice view of your network, understand how devices interact with each other and easily spot threats while exploring a visual representation of suspicious activity.
The following feature is powered by IPython notebooks, which allow users to switch back and forth between the 'easy mode' and the 'expert mode', where they can view and edit the code behind this panel via the web browser.
In the 'Notebook' panel, the form displayed is where the user can assign a level of risk to each connection and use that as feedback to train the machine learning model in future executions. Switching to the 'expert' mode, the user can adjust the criteria used to filter the data, discarding results known to be not relevant to the analysis.
As your investigation moves forward, get detailed information whenever you want to dig into a specific threat.
The threat investigation panel represents the last step of analysis before displaying the storyboard. At this point, the security analysts can enter a custom review for a given threat to display.
Ready to present your findings? Go over your high risk security threats and request further information, making it easy for executives to understand what is going on. Here is a list of some of the information you will get when your analysis comes to an end.
- Incident Progression
- Impact Analysis
- Geographic location
- Incident Timeline
Wondering how much data has been ingested into your cluster? We provide a nice visualization which allows you to get this information.
The "scoring panel" as well as the "Threat investigation panel" are powered by Jupyter notebooks.