Qsight IT gives you insight in how we use Metron in securing our customers by continuously analyzing and monitoring users, applications, data, and networks. We show you how we implemented Metron as a replacement for our former security platform based on rule-based security. Since we are dealing with a non-conventional use case “serving many customers with one platform,” we developed a business classification module that enables us to score threats according to the customer’s input.
To be future ready, we are working on extending this rule-based way of detection with machine learning models like web defacement, suspicious URL’s, UEBA, and many more to come.
In order to provide all the necessary information to the SOC analysts at a glance, we are developing a custom SOC application from where they can handle security alarms, analyze captured data, and have historical data at hand. We regard our new Metron based Security Platform as an emerging giant—a future-proof cyber security platform!