Supernova Award Category
The Problem
Cybraics addresses three main problems in the security space based on customer input:
● Unknown and undetected threats everywhere
● Data volume for security teams is untenable; there are more devices, attack surfaces, attack vectors and vulnerabilities, and security alerts are increasing rapidly
● Proliferation of cybersecurity tools and point solutions, resulting in disconnected systems with limited visibility
To address these challenges, Cybraics required a platform that could support unprecedented data volumes and analytics complexity. According to Alan Ross, CTO of Cybraics and founder of Apache Spot: “We have customers that are processing more than 40 terabytes of data a week. On our shared platform, we have multiple customers coming in, which is pushing into petabytes of data on a weekly basis. Then, we run our more than 30 unique, custom algorithms across all of this data. The advanced analytics required for this level of cybersecurity can’t be done within an appliance.”
The Solution
Cybraics' nLighten platform can detect unknown, advanced, and insider threats, and it analyzes and prioritizes these threats for investigation and remediation.
Our technology runs on top of Cloudera, allowing us to leverage a massive amount of computing to run multiple analytic approaches. Cloudera’s EDH provides a modern data and analytics management platform to support the data volumes we work with and the breadth and depth of our cybersecurity analytics. This makes it possible to extract the full value of machine learning and artificial intelligence by using all available data to assess cybersecurity risk and identify threats. Cybraics’ platform processes petabytes of data, addressing one of the biggest problems for cybersecurity: the velocity and volume of data generated in an enterprise environment. The processing capability and power made possible by Cloudera running on Intel allow nLighten to deliver on the promise of artificial intelligence.
The Results
AI is at the core of Cybraics’ solutions, and this is made possible with Cloudera. Cybraics’ nLighten platform detects threats that conventional cybersecurity solutions miss and decreases customers’ incident false positive rate. This reduction significantly decreases the burden of triaging security alerts and directly cuts the time it takes to detect and respond to security incidents. Cybraics’ successes span the gamut across industries and threats.
For example, for one of the world's largest financial institutions, the nLighten platform analyzed hundreds of terabytes of data from multiple sources without having to deploy any additional hardware, software, or data collectors within the customer’s environment. Almost immediately, nLighten identified several anomalies that had gone undetected by their current tools. The infiltration was caught before any data breach, and the customer was able to locate and remove the malware from thousands of hosts.
Another customer example is a large healthcare network that deployed the nLighten platform to ensure the network, medical devices, and databases were protected. nLighten detected, identified, and isolated a very weak beaconing signal that had avoided identification by several cyber tools and an MSSP service. Cybraics collaborated with the customer in identifying the infected host and remediated the malicious threat, ultimately protecting the customer from a potentially disruptive and costly breach.
Metrics
Reduction in incident false positive rate:
With the help of the Cloudera Enterprise platform, Cybraics’ nLighten platform detects threats that conventional cybersecurity solutions miss and decreases customers’ incident false positive rate from as much as 95% to less than 5%.
Decreased time to run individual analytics:
Cybraics has seen a significant improvement in performance with the Cloudera Enterprise platform. “When we first started, individual analytics would take up to eight hours to run against data. Now, with our Cloudera deployment and Intel infrastructure, we can process all of our data in less than an hour, and those individual analytics can all run in minutes,” said Kent.
Reduce resources required to triage security threats and cut time to detect and respond to security incidents:
Cybraics believes in an open approach to cybersecurity solutions and has embraced Cloudera’s work with the Apache Spot community to foster collaboration. “Today, cybersecurity is closed, but the only way that we are going to have any sort of impact on the persistent security threats is if we can collaborate and share. With the community around Apache Spot’s open data models, people have a centralized hub for security data. Spot’s open data models enable us to plug in to that shared data set and infrastructure along with other ecosystem partners so we can deliver results to our customers in less time,” added Ross.
The Technology
Cybraics nLighten Platform
Modern Data Platform: Cloudera Enterprise
Disruptive Factor
Cloudera’s platform supports each of Cybraics’ unique three pillars—unsupervised analytics, its AI machine engine, and the ability to deliver the platform as a service. “We implement a technique we refer to as ‘Analytical Pluralism’, meaning we run several sophisticated, computationally extensive analytics concurrently. Our analytics, which are largely based on unsupervised machine learning, but also include supervised and semi-supervised machine learning, excel on Cloudera’s EDH and leverage Intel-based compute resources and memory to run effectively across the large data sets. Our custom algorithms can be applied to any data source we get. This covers the entire threat space and customer assets. Because our coverage is so broad, we can provide company-wide threat detection,” said Ross.
Our AI engine triages all anomalies detected by the analytics and presents customers a prioritized list of what is benign and what demands attention. This shifts a significant portion of triage responsibility from man to machine, and allows the security team to focus on what matters, and achieve unparalleled scale. With Cloudera Enterprise, Cybraics reduces cost and complexity of deployment for customers. To make these capabilities available to all enterprises, we needed to deliver this as a service. Cloudera made this a reality, enabling us to implement the tooling, management, security and automation to bring our vision to life.
Shining Moment
● TAG Southeastern Software Association (SSA) Emerging Megatrends Award
● Ballston Most Innovative Company of the Year
● South Florida Most Innovative Tech Company of 2017
● Technology Association of Georgia (TAG) Top 10 Most Innovative Company
