Exodus Aria ADR

AI/ML SIEM/SOC

4 Top Problems with Threat Detection and Response

  • Can’t stop unknown attack types
  • Manual intervention is not effective
  • Visibility into all environments
  • Short supply of expertise

ARIA Advanced Detection and Response (ADR)

ADR – Solution Architecture

Asset Monitoring for all Cyber Security Threats

  • ADR monitors infrastructure for all types of threats 24x7x365
  • SOC team monitors and acts on alerts generated by ADR

Target Prospects

  • SMB (100-1000) or mid enterprise (1000-5000) users
  • $100 Mil+ (10/10 spend rule)
  • Anyone who requires top-level security but doesn’t have the budget or staff to manage it (Govt, Finance, Healthcare, Manufacturing)
  • Anyone reviewing SIEM, UEBA, NTA, EDR, Threat Intel, IPS/IDS or SOAR: position us as all 7 of these technologies in 1 platform
  • Compliance requirements & reporting – NIST-based framework

Points To Make

  • Single most important service to remove greatest amount of risk to organization – Maximum Security ROI
  • Attacks will always make it past point products.
  • Automation – AI/ML/Threat models
  • A la Carte Reporting

Self Managed ROI

CAPEX –

  • 7 products in 1 (SIEM, UEBA, NTA, EDR, Threat Intel, IPS/IDS, SOAR)
  • Typically replace 2-5 contracts (even those outside 7 above)
  • Correlates all other tools into one super tool

OPEX –

  • Automates 95% of work around threat detection & response
  • 1000’s of man hours automated
  • Managed by 1 person (not team of expensive experts)
  • Provide 24/7 coverage without hiring 2nd and 3rd shifts
  • Train on 1 system

Self Managed Business Value

  • Simpler solution to find, detect & contain with single pane of glass
  • Cut down on technical analyst requirements – AI & ML do the work
  • Allows tier 1 personnel to act as tier 3 analysts
  • Provides cost-effective 24/7 coverage with full automation
  • Offer better protection – find threats your other solutions can miss
  • Provide quicker response
  • Mission Critical Uptime – ability to contain threat network conversation – keep critical devices operational even when under attack

Self Managed Technical Differentiator

  • AI & ML & threat models
  • Automate detection & response for 24/7 coverage
  • No more cumbersome rule set creation
  • Proactive threat hunting done by machines
  • 90% less manual labor to detect, investigate, confirm, contain, remediate
  • Combines the best elements of SIEM, UEBA, NTA, EDR, TI, IDS and SOAR in one platform
  • No expensive senior level staff required to integrate and manage it
  • Comprehensive analytics from logs, network, user, behavior and threat intel
  • Quickly get to threats that matter BEFORE they do harm
  • Complete visibility into customer environment – Remote, prem, cloud, IoT
  • Firewall & network infrastructure, endpoints, applications, OS, LAN/WAN traffic, servers, inter-VM communications, DNS, DHCP, directories, USBs, users

Managed ROI is 9-1

CAPEX –

  • Outsourced SOC (People, Processes, Products)
  • Still have full access to tools like you were sitting in SOC with us
  • Investment protection – switch to self managed and keep full solution intact
  • Predictable cost model based on IP’s
  • 7 products in 1 (SIEM, UEBA, NTA, EDR, Threat Intel, IPS/IDS, SOAR)
  • Typically replaces 2-5 existing contracts (even those outside 7 above)

OPEX –

  • Get back 100-1000’s of man hours
  • Get 24/7/365 coverage

Managed ADR Solution

  • Asset Monitoring for all Cyber Security Threats
  • Threat Analysis and Alerts
  • Incident Escalation Summary and Tracking
  • Best Practices and Triage/Fix Recommendations
  • Ad-Hoc Reporting and Review

Managed ADR Solution

  • Service Hours: 24x7x365 Monitoring with Analysis, Alerting and Remediation Recommendations.
  • Security Operations Center Availability: ARIA SOC will maintain communications availability 99.9% of the time during a calendar month.
  • Incident Response: Upon ARIA SOC engineers determining the occurrence of a security incident, Customer shall receive a response (in the manner pre-selected in writing by Customer) to security incidents within one hour. A “security incident” is defined as a high-risk attack on a monitored device.
  • Change Requests: The timelines for the approved change requests received from the Customer to the monitored environment will be based on the discussion with the ARIA Account Manager. For example, custom plug-ins may require a Professional Services engagement. Contact sales@ARIA.com for information.