COGITO SIEM

Cogito is derived from the Latin phrase meaning “I think, therefore I am” and is based
on that very principle: establishing the existence of a being from
the fact of its constant thinking.

Cogito, our flagship product, is a cyber security application framework
that provides organizations the ability to ingest, process and
store diverse security data feeds at scale. This helps to
detect cyber anomalies and enable organizations
to promptly respond to them.

Cogito offers a centralized tool for firewall security monitoring and also
provides capabilities for log aggregation, full packet capture
indexing and storage within a single platform.

Cogito-SIEM possesses the capability to predict emerging threats while
not relying exclusively on signature-based detection. Cogito-SIEM integrates a
variety of Big Data technologies in order to offer a centralized tool for security monitoring
and analysis. Cogito-SIEM also provides capabilities for log aggregation, full
packet capture indexing, storage, advanced behavioral analytics and
data enrichment, while applying the most current
threat-intelligence information to secure
telemetry within a single platform.


Our Cogito-SOC framework provides four key capabilities

01. Security Data Lake/Vault

The Cogito-SOC platform provides a cost-effective way to store enriched telemetry data for longer periods of time. This data lake provides the corpus of data required for the feature engineering that powers discovery analytics, and a mechanism to search and query for operational analytics.

02. Pluggable Framework

The Cogito-SOC platform provides not only a rich set of parsers for common security data sources (pcap, NetFlow, Bro, Snort, FireEye, Sourcefire) but also a pluggable framework for adding custom parsers for new data sources. The framework also supports new enrichment services that add context to the raw streaming data, pluggable extensions for threat intel feeds, and the ability to customize the security dashboards and firewalls.

03. Security Application

Cogito-SOC provides standard SIEM-like capabilities (alerting, a threat intel framework, agents to ingest data sources) but also has packet replay utilities, an evidence store and hunting services commonly used by SOC analysts.

04. Threat Intelligence Platform

The Cogito-SOC platform provides a cost-effective way to store enriched telemetry data for longer periods of time. This data lake provides the corpus of data required for the feature engineering that powers discovery analytics, and a mechanism to search and query for operational analytics.