What is it?
Self-learning
ÆCID uses a patented solution to build up system behavior models to understand relevant events and their relations. No human effort for manual definition of rules is necessary.
Applicable to legacy systems
Effective applicability to legacy systems and systems with low market share – through a self-learned model instead of manually defined parsers
Event Correlation across systems
Correlation of events across systems, protocols and layers – ÆCID understands events of varying abstraction levels and can use multiple mining instances for increased scalability
Connectivity to SIEMs
ÆCID does not replace an existing security solution – but runs in parallel and can be connected to SIEM solutions
ÆCID Security Offerings
ÆCID is built on AIT’s patented solution for adaptive network log stream processing, which is inspired by approaches from the domain of bioinformatics. This approach enables ÆCID to detect, classify and cluster frequently occurring patterns in log files and eventually distinguish the known good from unknown malicious activities specifically in your custom IT infrastructure – self-learning with minimal manual configuration effort.
ÆCID relies on a central log store with verbose logging activated. It operates on top of raw logs and alerts and reports findings seamlessly and directly to your existing SIEM solution via syslog connectors for further investigations. ÆCID is designed to complement your existing security solutions in place.
- Support to establish a log management concept
- Module to discover anomalies in log data streams
- Suite for automatic configuration, optimization and orchestration of distributed log data analysis
- On-Site support for AMiner set-ups and ÆCID through AIT experts