DATASHEET SQRRL ENTERPRISE INTEGRATE. EXPLORE. ANALYZE. Sqrrl Enterprise is a real-time platform for securely integrating, exploring, and analyzing all of your data to accelerate analyst search and discovery. Sqrrl Enterprise features: • Automated contextual knowledge extraction • Visual data lineage and research • Ingest and fuse disparate data Sqrrl Enterprise unifies several Big Data approaches into a single platform, including Hadoop, linked data sources into a common data model analysis, machine learning, Data-Centric Security, and advanced visualization. Sqrrl Enterprise excels in use cases such as advanced data breach detection, fraud/waste/abuse analysis, and intelligence • Explore your data through an processing/exploitation/dissemination. intuitive visual search interface Sqrrl Enterprise 2.0 Sqrrl Enterprise is a real-time platform for securely integrating, exploring, and analyzing massive amounts of structured, semi-structured, and unstructured data. It scales elastically to tens of petabytes of data and enables organizations to eliminate their internal data silos through fine-grained security controls. Sqrrl Enterprise supports both real-time exploratory and predictive analytics and helps companies find hidden value in their data via dynamic and interactive queries and visualizations. Sqrrl Enterprise’s architecture consists of five layers, as depicted in Figure 1: • Discover anomalies in your data via predictive analytics powered by Apache Spark and R • Interact with your data as property graphs and/or JSON documents • Powerful query language that supports SQL-like, full-text, and graph search • Multi-petabyte scalability and stability at scale • Works with static or streaming data feeds Figure 1. Sqrrl Enterprise Capabilities • Fine-grained access controls for unstructured, semistructured, and structured data 1. Hadoop/NoSQL. Apache Accumulo powers the core of Sqrrl Enterprise. Accumulo is a sorted, distributed key/value store that integrates natively with Apache Hadoop. It can process petabytes of • Encryption of data-at-rest and data-in-motion structured, semi-structured, and unstructured data as a robust, scalable, and real-time data storage and retrieval system. Accumulo possesses fine-grained access controls (i.e., “cell-level” security) that enable • Compatibility with any granular tagging of key/value pairs with visibility labels. Accumulo’s distribution of Hadoop • Runs on bare metal or in public 2. Secure Collaboration. Sqrrl Enterprise builds on Apache Accumulo’s fine-grained access controls or private clouds and provides seamless integration to Enterprise Identity and Access Management (IAM) Systems via a • Utilizes low cost commodity Sqrrl Policy Engine and a Sqrrl Labeling Engine. This allows data access to be controlled at the cell-level. hardware Sqrrl Enterprise also supports encryption of data-in-motion and data-at-rest and database auditing and monitoring tools. These security capabilities enable analysts to securely collaborate by ensuring that each analyst is only able to access the data that he or she is authorized to see. Integrate. Explore. Analyze. | Page 2 What People Are Saying 3. Predictive Analytics. Sqrrl Enterprise supports various types of advanced analytics (including machine learning), such anomaly detection, clustering, pattern matching, and shortest path calculation. These advanced analytics are supported by Sqrrl Enterprise’s integrations with Apache Spark (GraphX), R, Pig, and MapReduce. Sqrrl Enterpise comes prepackaged with algorithms that align to these analytic frameworks. “Wikibon practitioners tell us that increasingly, value from their big data initiatives will come from making solutions work with many data sources in real-time” said David Vellante, Chief Analyst at Wikibon.org. “The challenges of delivering on this vision are substantial, however, and include constraints around performance, complexity, scale, data access and skill sets. Sqrrl Enterprise, has the potential to dramatically simplify Big Data analysis by providing a unified platform to securely explore relationships in disparate datasets and analyze those datasets for trends and anomalies.” 4. Exploratory Analytics. Sqrrl Enterprise’s search and query layer provides interactive access to data. Specifically, Sqrrl Enterprise supports real-time full-text search, SQL-like queries, and graph search. Sqrrl’s query language (referred to as SqrrlQL) is enabled by Sqrrl Enterprise’s hybrid data model structure. Users can access the data stored in Sqrrl Enterprise as both JSON document and as a property graph. In this sense, users can toggle between standard database queries and more advanced graph searches. 5. Visualization. Sqrrl Enterprise comes with a powerful user interface to explore your data as a connected property graph. This means that you can easily explore your data as connected nodes and edges with the nodes representing entities (e.g., users, IP addresses, servers, etc.) and edges depicting the relationships between the nodes. The user interface also includes reporting and dashboard capabilities and analyst Figure 2. Sqrrl User Interface collaboration tools. Developers can also utilize the Sqrrl API to power their own custom applications. Example Use Case Sqrrl Enterprise can be utilized to conduct Big Data Security Analytics across diverse cyber datasets, such as logs, configuration info, system and audit trails, identity context, network flows, external intelligence feeds, full packet and DNS capture, email /social activity, and customer transactions. These datasets are analyzed using to detect suspicious behavior in real-time and analysts are alerted when thresholds are triggered. Access to sensitive data, such as PII, can be restricted based on organizational roles. Benefits Sqrrl Enterprise is most beneficial for organizations that want explore hidden relationships in their Big Data and find anomalies in their data. Sqrrl Enterprise also greatly improves information sharing within and across organizations that have security- or privacy-sensitive information. By utilizing Accumulo’s fine-grained access controls, Sqrrl Enterprise helps organizations bring together datasets that were previously kept segregated for security reasons. When these security controls are combined with Sqrrl’s petabyte scalability, organizations can bring their diverse datasets together for real-time analysis on a single platform. Who We Are For • Cybersecurity analysts looking to find threats that their SIEMs and firewalls miss. • Defense and Intelligence analysts tracking patterns of life across Multi-INT data sources. • Healthcare analysts that want to find fraud, waste, or abuse in payments. • Financial analysts trying to detect hidden operational, credit, or market risks. ABOUT SQRRL Sqrrl powers secure, massively scalable Big Apps and was founded in 2012 by creators of Apache Accumulo. With their roots in the U.S. Intelligence Community, Sqrrl’s founders have deep experience integrating and analyzing complex petabyte-scale datasets. Sqrrl is headquartered in Cambridge, MA and is a venture-backed company with investors from Matrix Partners and Atlas Venture. 130 Prospect Street Cambridge, MA 0213 p: (617) 902-0784 e: info@sqrrl.com www.sqrrl.com @SqrrlData
© Copyright 2024