Shomiron Das Gupta
Founder & CEO
The year 2020 recorded the highest rate of cyberattacks – a whopping 400 percent year-over-year increase, according to Reed Smith. Partly responsible for this rise is work-from-home set-ups and remote working, wherein people started connecting different network security devices that never speak with each other; to say nothing of the excessive data they generate. With people connecting a single SIEM product to so many devices, collecting terabytes of log information has become an almost impossible task – at least for traditional SIEM systems. Needless to say, this takes a toll on speed of threat detection, the very purpose of having an SIEM system in place. The HyperScalable advanced SIEM solution by NETMONASTERY Inc. called DNIF is a panacea to all these hassles. DNIF blends SIEM, UEBA, SOAR, security analytics, threat hunting and security data lake solutions into a single platform to promote process efficiency, manageability and reduced risks. The product’s high-speed ingestion and performance not only ensure unlimited, scalable log data collection, but also help detect threats in real time. No wonder NETMONASTERY today is regarded as one of the leading cyber security solutions providers. CIO Insider dives deep into the company’s capabilities and journey through an exclusive interview with its founder & CEO, Shomiron Das Gupta.
In conversation with Shomiron Das Gupta, Founder & CEO, NETMONASTERY Inc
What was the ideation behind DNIF and how does it encounter threat detection challenges?
In the aftermath of work-from-home culture, when people started connecting a single SIEM product to so many network devices, collecting terabytes of log information and deciphering it to recognize threats to the environment became an almost impossible task for traditional SIEMs. They couldn’t live up to the required speed of detecting threats, which is one of the key considerations that SIEM platforms were built for.
DNIF, which is a hyperscale SIEM solution, delivers advanced security analytics and response automation, as it stems from a big data analytics engine. It single-handedly provides SOAR, UEBA, security analytics, threat hunting and security data lake solutions on a single platform to promote process efficiency, manageability and reduced risks. Moreover, it solves the age-old problem of combining large-scale collection of data with reliable analysis with a single pane view for a complete network security, security automation and response infrastructure.
Today customers face a fast-evolving threat landscape and are seeking a product that can provide enterprise-wide visibility at a reasonable total cost of ownership (TCO). At the same time, they want an integrated solution that can detect, validate, and remediate threats across all their network devices and applications. DNIF enables them to ingest data across any platform while being able to incorporate sysmon logs and achieve detection coverage across a broad range of threats. It has aided our customers to create a centralized data lake and detect outliers across the environment. As a result, they can now implement automation playbooks that shred their manual requirements by 55 percent.
What are the salient features pertaining to DNIF?
DNIF is packed with features. This highly flexible and scalable platform can be integrated with a number of third-party applications and devices. Moreover, it not only enables agentless log collection and analysis from any source, but also performs real-time data enrichment with identity, asset, geolocation, threat intelligence, and data from lookup tables. The advanced threat detection and management engine provides an overview of what is actually happening within the network in real time. In addition, to defend against both internal and external attacks, the User Behavior Analytics (UBA) tool incorporated in the product continuously monitors user and device activities; not to mention the smart log management feature, wherein all your server logs and metrics are aggregated into a centralized system in real time.
What did the pandemic mean for your company?
We utilized the time to improve our product from a platform level to a complete and brand new HyperScale SIEM solution (DNIF). It now enables organizations to scale as they please regardless of the data generated. DNIF helps in establishing secure work-from-home models and remote-working setups. There was also the problem of keeping up with the huge data generation. As such, DNIF enables customers’ security products to scale data generation.
You have a community edition of the product as well. Could you tell us more about it?
It’s an endeavor to bring our community together and encourage its members to contribute to the product. Our community edition differs from other freemium versions of similar products on the market, since it doesn’t have any limits on the amount of data input or the number of device integrations. It comes with all the features included in the enterprise edition. Having said that, our Enterprise Edition comes at a lower price than our competitors’ solutions. In our enterprise edition, customers have the choice of choosing between an uncapped device license and a monthly volume license, depending on their needs.