Real-Time Data Enrichment

Data Enrichment

One piece of data, taken in isolation, is rarely sufficient for making critical decisions. Relying exclusively on a singular piece of data without the associated context can easily lead to misunderstandings that result in failing to respond at all, not responding quickly or thoroughly enough, or taking inappropriate or unnecessary action.

Some use cases may require more context than is included in the original data set

Without the proper context, potential issues can be overlooked, or the breadth or urgency of the issue ― including the specific systems and accounts that may be affected ―may inadvertently be minimized.

Problem

The Onum Platform solves this challenge by enabling you to use out-of-the-box flows, or develop a new flow, to detect these events in real time. Once an event is identified, it will automatically query Active Directory or Oracle to extract additional information regarding the connected user. This additional information will be added to the event prior to sending it to the analytics platform. Depending on what information is extracted, the event may also be sent to an internal application to trigger an alert.

Solution

Onum arquitecture

Example

To effectively determine whether or not an insider threat exists or if another cybersecurity event is currently taking place, it may be necessary to enrich application event data with additional information regarding the connected user from Active Directory or Oracle. All of this data taken together can precipitate a far more comprehensive understanding of what's actually occurring in your environment, thereby rapidly facilitating the most appropriate response.

Are you being attacked?

Let us help you discover the full potential of your data today!

Some use cases may require more context than is included in the original data set

Are you being attacked?

Request a demo or get in touch with our team