Endeca’s Cyber Situational Awareness

May 4, 2011 By RyanKamauff

Endeca, the search and discovery firm, has been around for over 10 years now (an eon for a dot.com firm). In 2009, Endeca delivered a complete overhaul of their core indexing technology, and today is now scaling up to billion (yes with a B) record terabyte-scale deployments. For Big Data deployments, they offer Hadoop integration, virtualization and query federation.

However, for pragmatically minded DoDIIS technologists, the most exciting news from Endeca might actually be the turnkey analytical application that now comes out of the box. This new product cuts the project lead time for analysts to start using capabilities to just weeks, and has already been deployed against requirements that run the gamut from intelligence investigation and financial analysis to supply chain readiness.

Cyber Situational Awareness is a great example of the kind of analytical app that sits in the Endeca wheelhouse. Many streams of data constantly pour into the SOC: log analysis, incident reports, network analysis, threat intelligence, and more. When a significant incident occurs, the urgent question is not only “how do we handle the incident” but “what’s the impact to current missions and readiness?” Endeca lets the SOC answer that question with search/discovery tools, by interactively tracing the dependency relationships that start with the compromised asset or exfiltrated data. All the key data is ingested into a common operating picture, inside which analysts can search, drill and pivot through lists and visualizations of each cyber data source.

For more information on Endeca’s Cyber Situational Awareness check them out at CTOlabs.com

Or online at http://www.endeca.com

Project Delphi: Integrated Awareness into Mission Environments (dodiistech.com)
NuWave Solutions and Jumpstart Widgets for Endeca (ctolabs.com)
US Census Bureau Launches New American FactFinder on Endeca (ctolabs.com)

Filed Under: Analysis, Security Tagged With: analysis, Application server, Big data, cyber, cybersecurity, Data Warehousing, database, Endeca, GUI widget, Hadoop, IBM, IBM WebSphere, Situation awareness, situational awareness

Our Newsletters

The Monthly CTOvision.com Tech Review provides a recap of the most significant trends sweeping the technology community in the prior month, plus insights into coming events and activities.

The Daily CTOvision.com Update provides a summary of posts we publish on our blog. If we don't publish it does not go out, but it is never more than once a day.

The Daily FedCyber.com Update provides a summary feed of cyber security news with a focus on the federal space.

The Weekly Government Big Data Newsletter is a review of hot topics on the theme of Big Data.

From The Twitterverse

Seen the new #WayIn interface? Try it online and on your devices. Real power is sharing you can do over any website http://t.co/oGpDIopV about 13 hours ago
Christian Science Monitor is building a great track record of reporting on cyber threats, like here: http://t.co/kMSWXLRH about 18 hours ago
A Lesson From the First Cyber Cops http://t.co/3dmoBqaK via @ctovision about 19 hours ago
Posts from http://t.co/drvHMoKw for 05/19/2012 - http://t.co/Ru7WqrPS about 24 hours ago
I was thinking of using @MediaPassNews to protect some of content. Then I discovered any child can read any content protected by mediapass. about 2 days ago
I think I found the best commenting system for CTOvision. It is not Facebook or Disqus, but LiveFyre. Pls check out at http://t.co/RtGViVHG about 2 days ago
XKCD: Punch Me In The Face If I Use Klout http://t.co/KMcrmRrs via @techcrunch (harsh but good point: Klout can't know about real influence) about 2 days ago
From a friend at CMU SEI: Insider Threat Security Reference Architecture http://t.co/Y4RIoAhI about 2 days ago
From a friend at CMU SEI: A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders http://t.co/oK7syddW about 2 days ago
Here @aelkus provides context on On Distrusting Your Toaster and Other Tiny Dystopias http://t.co/EWU3alox via @ctovision (h/t @mattdevost) about 2 days ago
Posts from http://t.co/drvHMoKw for 05/18/2012 - http://t.co/97Tsw4Ku about 2 days ago
Cybersecurity: How US utilities passed up chance to protect their networks - http://t.co/2JSd704M http://t.co/OcuSt4sN about 2 days ago

Real Time Updates Via Twitter

Twitter is a great resource for making the best use of your time at events like the DoDIIS Worldwide Conference. A smart Twitter strategy will help keep you informed of the hottest topics in the conference and will help you decide which of the many dynamic sessions and demonstrations you should participate in. We hope you make us part of your Twitter strategy. Follow us at the following links:

@CarahsoftDoDIIS

We have also built a Twitter List of all firms and Tweeting individuals from DoDIIS. Find it at:

DoDIIS Tech List

Analysis

Project Delphi: Integrated Awareness into Mission Environments

Intelligence commands throughout government have been buying and integrating capabilities for years. Organizations seek similar platform elements, resulting in many similar solutions. Solutions usually leverage high performance low-cost/commodity hardware, reliable operating systems, linkages to distributed data sources, an ability to index those data sources, tools to correlate and extract data from those indexes, and of [...]

Secure Cloud Framework

Federal agencies embracing the cloud computing concepts of elasticity, smart provisioning, enhanced functionality, increased security and improved agility have been improving their use of IT. Concepts like public clouds and private clouds are in the mix of solutions and are already adding value to discussions. But there are some cautions to be aware of. Cloud Computing [...]

Latest Evals

Thetus’ Savanna Analytical Tool

Thetus Corporations’ Savanna provides excellent search, discovery and visualization tools for analysts. Savanna uses tools such as Kapow to scrape websites and all-source data and then pushes them through MetaCarta (for geo-spatial analysis) and Janya (for real-language textual analysis). This data is then sorted into a Savanna’s application – enabling real-time search. Savanna is excellent [...]

Cloudera

Cloudera provides a distribution of the Hadoop data management platform known as CDH (Cloudera Distribution of Hadoop). CDH is a comprehensive platform that significantly accelerates deployment of Apache Hadoop. It also provides critical capabilities designed to make Hadoop more useful in the enterprise. Here are some of the features of Cloudera’s Hadoop distribution: HDFS – Self healing distributed [...]

Endeca

Endeca remains the most disruptive capability in the search and discovery field today. They provide capabilities to users including ways to find information needed without having to know exactly what to look for. Endeca provides a platform for search applications that enables more than 250 million users around the globe to access information quickly and [...]

MetaCarta

MetaCarta provides a means to identify and leverage the geographic references in content. Most government organizations have many millions of documents in digital form including reports, message traffic, briefings and Web pages. More than 70% of the documents have significant geographic references. Geosearch: Find all content, data, and information about a place in a single [...]

NuWave Solutions

NuWave Solutions builds frameworks, frees data for consumption, and works visualization and user interfaces in ways that serve and support enterprise missions and their users. They work with existing enterprise data and applications and deliver capabilities that just blow your mind. They provide visionary ideas and then execute on them fast. For more on NuWave see: http://www.nuwavesolutions.com [...]

Akamai

Akamai (Pronounced ack-ah-my) is a cloud computing company with over ten years of experience. In fact, Akamai provides video delivery and content downloads to many high-profile organizations already. It’s highly distributed network is made of computers in data-centers around the world. By having presences across the earth, Akamai makes sure that content is delivered locally, [...]

MarkLogic

MarkLogic Server is a purpose-built database for unstructured information. It uses xml documents internally for modeling data and storing content. Organizations use MarkLogic to discover information and identify relationships that were previously unknown by standardizing data intakes, performing document classification, and arranging data structures for tokenizing, proximity, boolean, and relevance algorithms. MarkLogic can also track [...]