Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Haystax: Actionable Intelligence Platform


Published on

Haystax Technology, Inc. provides next-generation intelligence and analytics solutions that deliver up to the minute situational awareness and actionable intelligence for the public and commercial sectors. Haystax uses a combination of software and human analysis to turn large, disparate and unstructured data volumes into comprehensive and actionable information. In essence, these technologies allow users to find “the needle in the haystack” quickly and reliably.

Published in: Technology, Education

Haystax: Actionable Intelligence Platform

  1. 1. 1 Company Facts CYBERSECURITY AND ENTERPRISE THREAT MANAGEMENT SOLUTIONS FORMED in 2012 on a 20 year legacy (Digital Sandbox, FlexPoint, NetCentrics) EMPLOYEES: 350, 90% Cleared COMPETENCIES: Cybersecurity, Information Assurance, Network Management, Advanced Threat Analytics, Innovation Management
  2. 2. 2 Our Core Values Values-Driven Engineering “We apply creative thinking, imaginative engineering, innovative technology, and thoughtful leadership to improve the quality of life”
  3. 3. 3 Our mission To help defend our customers from known and unknown threats to their mission
  4. 4. 4 We Provide Actionable Intelligence For DECISION MAKERS WHO Protect computer networks Protect critical infrastructure & key resources Protect against loss from fraud Protect people from natural hazards & human threats Protect an enterprises ability to compete effectively Manage responses to threats
  5. 5. 5 We Bring New Thinking to our Solutions BUILT ON INDUSTRY THOUGHT LEADERSHIP Multiple patents for analyzing risks that are difficult to quantify Pioneered secure multi-agency collaboration in the cloud Pioneered risk based analytics and mobile apps to deliver insights directly to decision makers Innovate on purposeTM consulting service enables organizations to innovate faster Unique contextual real time streaming analytics platform in the cloud to enable situational awareness
  6. 6. 6 Trusted by a Wide Range of Organizations TO PROVIDE INNOVATIVE THREAT MANAGEMENT SOLUTIONS Deployed Nationwide for Threat & Risk Management We developed the protective intelligence methodology used by the Bill & Melinda Gates Foundation We are the de-facto standard for risk management for major national events requiring multi-agency collaboration We are used by 15 of the 20 largest urban areas to keep their citizens & assets safe Trusted by Top Defense, Intel & Federal Civilian Agencies We architected, manage & defend some of the most mission critical networks in the US We manage the largest enterprise-wide architecture & worldwide deployments of SCCM & SCOM We deployed the CIA’s first private cloud with AWS
  7. 7. Network Management & Cyber 7 Threat Intelligence
  8. 8. 8 Status Quo: Perimeter Defense Isn’t Sufficient RISK TO DATA AND MISSION CAPABILITIES No industry is immune, no level of technical sophistication is sufficient Real-time visibility & control over the entire at risk environment is critical for CSO’s and CIO’s All security breaches involve people and people are smarter than rules
  9. 9. 9 The Problem: The Signal has become the noise! WHY BRUTE FORCE ANALYTICS DOESN’T WORK Target’s cyber intrusion and subsequent data theft is well known… Target’s cyber detection systems caught the malware (FireEye) Why? 40 million – The number of credit and debit cards thieves stole from Target between Nov. 27 and Dec. 15, 2013 “They are bombarded with alerts” - Source Bloomberg “The alert from FireEye labeled the threat with the generic name – malware.binary” Source Bloomberg Systems that generate too many false positives are a nuisance Information needs to be prioritized and understood to be ACTIONABLE “Target says it declined to act on early alert of cyber breach” - Source Bloomberg
  10. 10. 10 What is needed: Dynamic risk-based approach Predict Risk Catalog Assets Detect Threats Mitigate Vulnerabilities Prioritized Incidents/Threats Operating Systems Network, Asset & Identity Context Normalization & Categorization Event Logs, Correlation & Flow Data Web Servers Switches Routers IDS/IPS Firewall Applications Real-Time Collection, Normalization & Analysis Unified IT Security & Risk Posture Actionable Insight Reduced Operational Effort For Any Size Organization
  11. 11. 11 Our risk-based approach: Unified Threat Management THE FOUNDATION FOR OUR CYBER THREAT INTELLIGENCE SOLUTIONS System Hardening/App Protection/Secure Coding Encryption, PKI Enterprise Services (DNS, DHCP, etc) Secure Systems Development Lifecycle External Mandates Vulnerability Management Universal Log Management Sensors & Response Universal Log Management Software Configuration Management Risk Management Platform Correlation & Analysis Asset & Network Management Network Access Control Network & Access Management Database of Asset Inventories
  12. 12. 12 Benefits End-to-End Cyber Intelligence Platform for Situational Awareness & Analysis Complete understanding of the overall at-risk environment to protect Contextually integrate internal and external data sources Early detection of threats & ability to correlate to the at-risk environment Dynamic risk-based prioritization of information identifies what is most important Specialized cyber analyst-centric tools to support collaboration and digital cataloging of analysis workflows CSO, CISO Analyst Infrastructure & Assets End Users
  13. 13. 13 Brought the Pentagon back online post September 11 attack in less than 24 hours Haystax NetCentrics MISSION CRITICAL NETWORK PROTECTION SERVICES
  14. 14. 14 Public Safety & Enterprise Threat Management
  15. 15. 15 Public Safety & Enterprise Threat Management ENABLING RISK INFORMED DECISION MAKING Broader visibility | Reduced Response times| Prioritized resource allocation Profile overall enterprise threat and risk Monitor continuously and broadly against that profile Prioritize and route critical information for Implement collaborative, dynamic situational awareness action
  16. 16. 16 Informed Decision Making Needs Context CONTEXT ENABLES DECISION MAKER TO UNDERSTAND ALL THE DATA Into one screen Swivel-chair situational awareness Contextual situational does not scale awareness anywhere …and one app Haystax Analytics & visualization can put all the information that goes here
  17. 17. 17 The Constellation Analytics PlatformTM OPTIMIZES MACHINE AND HUMAN PROCESSING OF DATA Physical Enterprise Calls for HR Data Service News & Social Communications Enterprise Data Assets/CIKR Archive DB Web Low Priority Channels Domain Ontology NLP Entity Resolution Geo Reasoning Association Analysis Scoring Data Collection & Pre-Processing Analytic Processing Mobile 3rd Party Triage Timeline Map Alerts Visual Interaction Canvases Reports Feeds Network Alerts Know & Act Patent # 8874071
  18. 18. 18 Decision Makers are Increasingly Mobile ACTIONABLE INTELLIGENCE BEYOND OFFICE WALLS Powerful native apps with easy self configuration and usability Reporting, Assessments & Monitoring seamlessly integrated Secure online/offline data access from anywhere
  19. 19. 19 Haystax Analytics Helps First Responders BY SEAMLESSLY TYING INFORMATION TO THEIR OPERATIONAL PROCESS Unified system of records that can be accessed from anywhere, anytime Fuse data streams from existing systems into “channels” of prioritized operational information Secure cross organization information sharing & collaboration
  20. 20. 20 Haystax Analytics Helps Commanders BY PROVIDING CONTEXTUAL SITUATIONAL AWARENESS WHEREVER THEY ARE User interface designed to focus user to hot spots and key alerts Holistic presentation framework that optimizes based on device, role, location, time, context Information is prioritized based on relevance to the user
  21. 21. 21 Haystax Analytics Helps Analysts BY MAKING IT EASY TO INTERACT WITH REAL TIME DATA IN REAL TIME Monitor categorized & prioritized data feeds from multiple sources Make predictions based on trends and intensity of data Use dynamically generated profiles of to discover links & associations
  22. 22. 22 >25 mile radius monitored Haystax Analytics in Action LAST FIVE SUPER BOWLS RESULTS FROM SUPER BOWL XLVIII 312 events monitored 50+ agencies collaborated 600 real-time data feeds 238 assets protected 345 incidents managed In the command center Forward deployed Mobile Apps
  23. 23. 23 Haystax Analytics in Action California Emergency Operations Center Haystax provides the analytic back-bone for total situational awareness 100% cloud based Integrates hundreds of real time information sources across the state Information is prioritized and routed automatically to personnel on the State-wide situational awareness from one ground as needed screen
  24. 24. 24 Haystax Analytics in Action Houston Critical information is available in under a minute v. over an hour Uses Haystax as the platform for managing risk based data on physical structures and improving first responder actions 100% cloud based Mobile apps for data collection and field reporting Leverages Haystax’s ability to secure critical private sector data and secure sharing of information between private and public sectors
  25. 25. 25 Incident Reporting & Event Tracking Contextual Monitoring of Threats & Risks Nationwide School Safety POWERED BY OUR ANALYTIC PLATFORM School Safety Master Data Management .
  26. 26. 26 Innovation
  27. 27. 27
  28. 28. 28 We are advancing the status quo in threat analytics with innovative techniques & technologies Designing elegant solutions for complex analytic challenges Our patented prioritization algorithms excel where the noise to signal ratio is high Our ‘whole person’ Bayesian model specializes in behavioral threat detection Our visualizations enable informed decision making
  29. 29. 29 Our Response to Traditional Brute Force Enterprise Threat Analytics CARBON Bayesian model designed to solve high noise-to-signal data problems Automatically aligns alert quality to available investigation resources Eliminates scaling problems of traditional rules based systems
  30. 30. 30 How Carbon Works MATHEMATICAL MODELING OF EXPERTS + RISK RANKING + CONTINOUS EVALUATION = AUTOMATED THREAT AWARENESS Experts Data HUMINT Counterintelligence Medical Criminal Investigators Command Peers Family Psych Subject IT Security Backgroun d Check Peers & Family + $ = Financial Records Public Records HR Record Web and Social Media Continuously prioritized risk based ranking
  31. 31. 31 Carbon is a Threat Optimization Solution IT DOES NOT REMOVE ALERTS, JUST TELLS YOU WHICH ARE IMPORTANT AND WHY Automated continuous evaluation and re-prioritization enables sustained success Can be deployed on top of 3rd party alerting products
  32. 32. 32 Carbon Value Proposition STOP LOOKING AT ALERTS, START ACTING ON THEM BY KNOWING YOUR RISK Compare subject to peer groups and historic changes Up to 10x improvements in investigation productivity in risk profile Separates the critical from the mass and lets the analyst know Full traceability from results to the source data
  33. 33. 33 EXPERTISE: Enabling Enterprise Clouds Without the Drama HAYSTAX CANOPY CLOUD ACCELERATORS ARE THE FASTEST WAY TO A SECURE CLOUD Cloud enable Microsoft to any cloud 90 days, fixed cost none to done guarantee Microsoft Gold Certified Partner Selected by Microsoft to build their reference Azure package for the US Intel Community
  34. 34. 34 INNOVATE ON PURPOSETM: OVO EXPERTS WORKING TO REINVIGORATE INNOVATION SKILLS, INSIGHTS AND COMPETENCIES IN ANY ORGANIZATION Proven “Innovate on Purpose” methodology Innovation change management consulting Rapid disruptive innovation workshops
  35. 35. 35 R&D: Haystax Technology Accelerator DRIVEN TO INNOVATE AND BRING TO MARKET DISTRUPTIVE PRODUCTS Develop advanced concepts Focus on solving the “really hard” problems Advance the state of the art through agile, out-of- the-box thinking
  36. 36. 36 Haystax in the News
  37. 37. 37
  38. 38. 38 Thank You Haystax Technology 8251 Greensboro Drive Suite 1111 McLean, VA 22102 (202) 492-5457 @haystaxtech