PatternEx Platform

PatternEx Virtual Analyst Platform software ingests log data from 50+ data sources, computes 1000+ analytics in real-time, and uses 100+ pre-trained AI models to analyze the data. The result is highly accurate and contextualized alerts mapped to the MITRE ATT&CK framework for complete attack lifecycle visibility. Security Analytics

• Built-in: 1000+ analytics from a variety of data sources such as application, workload, cloud, network, users/identity, and end-point in real-time
• Extensible: create custom analytics using SQL and PatternEx library of common cyber security primitives

AutoCorrelation

• Connects various threat tactics, techniques, and entities together, even over long periods of time and for indirect relationships
• The Attack Navigator and cluster view enables the analyst to interactively investigate the attack sequence and its impact
• Reduces time for investigations by 20x

AI Model and Rule Builder

• Create custom outlier (anomaly) detectors from 1000+ prepackaged analytics or custom analytics
• Create custom rules from 1000+ prepackaged analytics or custom analytics
• Run models iteratively to hunt for new threats
• Deploy models on live data to generate reports and/or alerts
• Perform retrospective analysis to identify missed threats

Model Lifecycle Management

• Generate alerts with AI detection models and embed the findings in analyst workflows
• Customize the deployment strategy to prioritize the best performing models
• Learn from alert resolutions to improve detection rates
• Assess model performance by comparing model findings and alert resolutions

Data Sources Your attack surface is broad and is changing. So to ensure complete coverage, PatternEx Virtual Analyst Platform supports all major data categories and ships with over 50+ data sources ready to ingest. Additionally, threat intelligence data and existing labeled attack data also can be incorporated into the analysis.