Corporate Security

Physical and digital risks are prioritized and visualized in one platform.

Haystax helps corporate security leaders protect their facilities and employees with a cloud-based software analytics platform that eliminates the artificial boundaries between IT, physical and personnel security. Our suite of task-focused applications integrate seamlessly into existing corporate SOC environments, providing all-hazard asset protection, incident reporting and monitoring, digital threat awareness, event security management and natural-disaster preparedness.

LEARN MORE ABOUT HAYSTAX FOR CORPORATE SECURITY

Public Safety

Critical infrastructure protection and all-hazards preparedness

Haystax has developed an integrated cloud-based solution that combines web-based tools for managing critical asset data and monitoring real-time digital feeds with mobile apps for conducting facility assessments, reporting incidents and providing routine informational updates from the field — significantly reducing reliance on pen-and-paper assessments, printed maps and field interview cards. Fresh ground intelligence can be cross-referenced with existing asset and event data, analyzed quickly and shared across multiple stakeholder groups. As a result, law enforcement, school safety, fire and emergency management leaders can maintain a common operating picture of their areas of responsibility, giving them the contextual awareness they need to respond with confidence to any incident or emergency.

LEARN MORE ABOUT HAYSTAX FOR PUBLIC SAFETY

Asset protection, domain awareness and information sharing tools for all-hazards risk management.

Whether they operate in urban, suburban or rural environments, first responders face an array of challenges protecting their inhabitants and critical facilities. Attacks, accidents and natural disasters often happen with little warning, and can impact broad geographic areas and vulnerable populations. Haystax public safety solutions give law enforcement, school safety, fire and emergency management agencies instant access to the right information at the right time — including the ability to share intelligence and analysis and monitor, report, alert and respond to incidents — from a single unified environment. Read on to learn more about our mission-focused solutions and services.

Haystax Blog

The Latest News & Insights

PrevHouston skyline at nightKeeping Houston Safe During Major 2017 Events08 May 2017NextNetwork Data is Not Enough08 June 2017

Haystax Technology CTO Cited in CSO Article on ‘Security Alert Fatigue’

May 11, 2017
CSO logo

It’s not uncommon for large enterprises to receive thousands of security alerts each month, thanks to analytics software configured to identify anomalies that may indicate a potential threat. However, an analyst is needed to look deeper into each alert to determine its validity. This has led to an industry-wide phenomenon known as ‘alert overload’ — which is only going to get worse as the technology gets better and a wider range of data sources generate more threat signals.

The overload problem occurs because “the system is unable to provide sufficient context up front to filter out the anomaly before it generates an alert, so it falls to the analyst to do that manually,” Haystax Technology Chief Technology Officer Rob Kerr told CSO in a recent interview. “This is a big problem because there are thousands of pieces of data on network logins, printer activity and building access logs. So there will be an alert when Bob — who typically works 9 to 5 every day — reenters the office at 7:30 one evening [or] prints a large file on a Sunday, accessing a file server that is normally off-limits to him.”

Kerr outlined for CSO five of the most common security analytics mistakes that trigger false positives:

  1. More alerts than you can process (“Turn off too many and you can miss events that are important.”)
  2. Only alerting for things that are happening right now (“Waiting until you see malicious activity puts your security team into response mode before they even start.”)
  3. Only looking at network data (“Many potentially malicious network events are more likely benign events that triggered your security analytics system.”)
  4. Not prioritizing alerts (“Security analytics systems that don’t effectively prioritize alerts waste your team’s time by asking them to clear low-value alerts when highly important alerts linger at the bottom of their queue.”)
  5. Alerts without context (“When your security team processes an alert, the first thing they will do is look for additional information that provides the context they need to clear it.”)

So what can organizations do to fix the alert overload problem? Kerr says that organizations need a system for “filtering out minor activity and highlighting the highest-priority risks has the net effect of providing enough context to drastically diminish false positives and the burdens they place on overworked analyst teams.” One such system is the Haystax Haystax Analytics Platform™, which applies multiple artificial intelligence techniques and a pioneering ‘model-first’ approach to reason like a team of analysts and prioritize risks in real time at scale for more effective protection of critical systems, data, facilities and people.

For more on Kerr’s thoughts on alert overload, check out the full piece on CSO Online. The article also appears in CIO and Network World.

#  #  #

NOTE: Are you attending next month’s Gartner Security & Risk Management Summit? The Haystax Technology team will be there, too. Please stop by our booth for a chat about how our Haystax Analytics Platform™ can help you solve your organization’s toughest security analytics challenges.

 

Related posts