S I R E N

Fraud and cyber threats investigation

Complete investigation platform

Investigating cybersecurity crimes today is a large-scale data problem. Cyberspace is now an important battlespace. The traditional intelligence domains of SIGINT and HUMINT are being augmented by OSINT sources. The fusion of classified information with open sources of information is now a critical part of the landscape of corporate security in companies and national security in public institutions.

Investigative intelligence is a specialized area of data analysis that meets the needs of those looking for bad actors to protect people, networks and assets.

These investigations are the primary focus of law enforcement and intelligence agencies, but they are also essential for uncovering financial criminal activity and for cybersecurity threat hunting. They often involve connecting the dots across structured data (well-defined records) and unstructured data (text and other media) and bringing both into systems and schemas.

SIREN is an AI platform for search-based investigation. It allows users to streamline the investigative process by simplifying data examination, discovering connections, and generating comprehensive reports.

The SIREN platform combines previously disconnected capabilities such as advanced big data search, link analysis, associative business intelligence dashboards, and big data stream monitoring and alerting capabilities. Analysts are provided with active, investigation-grade dashboards that serve pre-built use cases or act as a starting point for data exploration.

The SIREN Platform

Platform features:

  • Easy-to-use AI-powered search for investigations. Siren is a flexible platform that finds previously inaccessible intelligence by connecting disparate data sources and linking to records in your own internal system. Using patented technology, Siren delivers a modern search experience, making advanced intelligence queries accessible to all users. Siren is now available on mobile devices.
  • Connect data sources and discover previously inaccessible intelligence. Link your own data to records from the world’s largest intelligence dataset. Use dashboards and filters to expand and view the relevant records you want out of billions. Run intelligence queries, searches for suspicious chart patterns, configure proactive alerts, shortest paths, chart clustering, and chart metrics.
  • Real-time content clustering. Siren offers an interesting foundation for searching and analyzing unstructured content, including visual topic clustering, commonly powered by ElasticSearch. Exploration happens in real time, without pre-processing, suitable for live streaming data and investigation-specific content subsets.
  • Enterprise-grade security. Access control, auditing and encryption. Siren comes with integrated enterprise access control. You can set your access control at the index, record, or field level, audit user activity, and implement SSL and encryption to protect data and communications.

Use Cases

Fraud Investigation

Looking for internal and external fraud and compliance risks

Fraud, insider threats and risks are big problems for companies around the world. Many companies are struggling internally with the scale of fraud, risk and threat dynamics. They are forming teams to act as an internal policing service for these threats. The tendency is for cyber threats, fraud, financial crime and internal risk to fall under a single operational unit to manage these risks at a corporate level. These units struggle to find a single, unified platform to manage all the challenges they face.

The Siren Platform discovers fraud and investigates risks and threats.

Siren has worked with a number of large corporations in the banking, insurance, retail, technology, large enterprise and consulting sectors to root out fraudulent activity internally and externally. Siren’s ability to quickly integrate structured and unstructured data, process data with entity extraction and NLP, and provide out-of-the-box graphs contributes to agility.

Example – Using SIREN in the financial sector.

A top 20 European bank, operating in several countries, was experiencing difficulties with cybercrime, financial crime, fraud and insider threat investigations. The team was primarily using tools based on manual file investigation to try to investigate problem areas within the Bank.

The Outcome. A specialized team of investigators across multiple domains (cyber, financial crimes, insider threats, etc.) now has access to a single investigation platform as the starting point for all investigations. With pre-integrations to Data Lake, Splunk, and other key data sources, the foundation for many investigations is laid. Users are now trained on basic search capabilities and on performing graphical analysis in Siren (common communicator, shortest path, etc.), and quickly become familiar with the platform. Users are now able to produce auditable reports that can be defended internally and, when necessary, shared with local authorities. This has led to better coordination between the cyber team and the financial crime team. Additionally, the Risk and Compliance unit has a much better track record of actions taken when dealing with local regulators interested in seeing action on money laundering, KYC and cybercrime.

Cyber Threat Investigation

Searching for cyber threats in oceans of data.

Those responsible for protecting the most sensitive and critical networks are proactive in their posture against threats. They have a lot of data, internal vendor data, free open sources. But among billions of rows of data, how do you stay alert to what is relevant and what is a real and present threat? How do you know what matters? What if you miss something very subtle?

Alert to what’s urgent, prioritize your actions and find suspicious actors before damage is done!

The Siren Platform offers research to find threats through correlations.

Siren has been widely used in government and corporate threat hunting scenarios. The unique ability to perform big data matching at scale through search engine technology (Elasticsearch) leads to unprecedented insights into large data streams. With large-scale data correlations, you can understand what’s urgent and what’s important in data, prioritize actions, and find suspicious actors before they cause harm. And with the ability to visualize knowledge graphs and alerts on specific search patterns, Siren offers a huge level of comfort to the threat analyst. Siren enables rapid integration of internal, commercial, and OSINT data sources into a single platform.

Example – Using SIREN in the area of national security in the public sector.

Monitoring cyber threats to critical national security infrastructures. A large Western country was creating a national cyber monitoring service to help protect critical national infrastructure. Establishing the service quickly was a major challenge, as foreign cyber attacks were becoming more and more of an issue.

The Outcome. A coherent investigative tool for cyber analysts. The agency’s cyber analysts now have a single desktop in Siren to search, investigate, and perform graphical analysis to identify key threats to critical infrastructure. Multiple data feeds are now merged with the Siren data model. There is now a consistent investigative process for dealing with threats, covering how they are detected and alerted on and how intelligence reports are created.

We want to hear from you!

Brazil
+55 (11) 2389-1106 | contato@imexperts.com.br

Av. das Nações Unidas 14261, Torre B, 25 Andar, Conj. 2501B 
São Paulo – SP | 04794-000

SCS QD 9 Torre C, Ed. Parque Cidade Corporate, 10°
Brasília – DF | 70308-200

Mexico
+52 (55) 9183-2049 | comercial@imexperts.com.mx

Prolongación Paseo de la Reforma 1015 - Piso 7
Lomas de Santa Fe, Cuajimalpa,
Ciudad de México | 05348