VECTRA Cognito Stream - Tempest Telecom Solutions

Cognito Stream

Network metadata with an opinion

Deliver scalable, security-enriched network metadata to feed custom detection and response tools

Actionable network data in Zeek format
Embedded with data science-derived security insights
Associates network metadata with unique host attributes

Zeek-formatted network metadata

Supervised and unsupervised machine learning models that enrich the metadata

Provision data lakes and SIEMs with security-enriched network metadata

Security-enriched metadata

Hundreds of metadata attributes collected from cloud to enterprise
Embedded machine learning-derived security insights
Conduct investigations based on hosts, not IP addresses

Additional resources:

Cognito Stream, which directly populates data lakes and SIEMs with Zeek-formatted network metadata that is enriched with these security insights

Low-touch Zeek deployments

Presented in a compact, easy-to-understand Zeek format
Requires no performance tuning or ongoing maintenance
More than five times the performance of self-managed deployments

Additional benefits:

Zeek-formatted metadata gives you the proper balance between network telemetry and price/performance. You get rich, organized and easily searchable data with traffic attributes relevant to security detections and investigation use-cases (e.g. the connection ID attribute).

Visibility from cloud to enterprise

Support both hybrid, cloud-native, and SaaS deployments
Integrate with infrastructure-as-a-service providers without using agents
Advanced agentless attacker detection and threat hunting

Additional resources:

White paper: Threat Detection and Response in Cloud Environments