Nope – while some of the features of a SIEM are present in Knogin Hunter, it’s not a SIEM; it’s a much more comprehensive Security Analytics and Machine Learning Stack. For example, a Formula One racing car has many of the same features as a Ford Model T, but a Model T probably wouldn’t fare well on a Formula One racetrack.
It’s also not a UBA – Behavioural Analytics is just one part of our platform. Statistically, end users are a big risk on a network, so we monitor those behaviors, but configuration mistakes, bad topologies, encrypted malware, etc. are also big risks which UBAs don’t detect (and in most cases, SIEMs don’t either). We have combined multiple existing popular technologies into a single unified system. It doesn’t just hunt for rogue employees, anomalies and known attacks; it looks at real Cyber risks to your business, and it is easy to deploy.
If you use a SIEM, it’s probably incredibly expensive to deploy and maintain. You are subject to vendor lock-in and it probably can’t deal with big data. When new products come on the market that you want to avail of, your SIEM is probably not extensible enough. Knogin Hunter is in the cloud specifically so that our team can maintain a consistent global system and adapt it to changes in technology so that all you need to do is focus on the part of your business that makes you money.
If you’re using Legacy Point Tools, welcome to the future with Knogin! We were built for this and the next generation. Legacy Point Tools are highly specialised, which makes them very expensive and easy to break. They don’t scale with your business, and you probably need a PhD to operate them too. Knogin Hunter allows you to build your own custom rules so that your previous effort with Legacy Point Tools isn’t lost if you want to migrate.
If you use Behavioral Analytics tools, or UBA, they are probably using data from old behaviors, but with the advent of new technologies, those behaviors are likely not applicable to your business and generate a large number of false positives. Knogin Hunter gives you modern use cases, and the power to build your own too.
The aim of Knogin is to reduce the number of false positives you have, while keeping your environment’s protection current without having to update and patch a complex analytics infrastructure all the time. We use open standards to allow you the flexibility to integrate even bespoke systems so that you can achieve the same benefits as you had with your old system and avail of a new way to defend your organisation.