Devo acquires Kognos to build a next-gen 'Autonomous SOC'. Learn more!

Menu

Alert/Triage Investigator

Investigate and retrace the attack path associated with every alert at machine speed.

Eliminate Risks from Alert Deluge

An astounding 93% of alerts are overlooked by most security teams as they are overwhelmed and desensitized by the deluge of alerts. Analysts are inadvertently spending less and less time investigating each alert as they try to maximize the number of alerts they triage and investigate, resulting in lowered efficacy.

Enable Autonomous Alert Investigations

The Kognos Autonomous Alert Investigator empowers security analysts with an autonomous threat hunting system that investigates and retraces the attack path associated with every alert at machine speed:

  • Fuses events from existing EDR, NDR, SIEM and other telemetry sources into relationship graphs.
  • Ingests alerts from different sources and use an AI powered inquiry engine to ask thousands of forensic questions at machine speeds.
  • Mines relationships and autonomously investigate malicious users or external actors throughout the network.
  • Presents findings as attack storylines, allowing the analyst to respond in real-time.

HOW IT WORKS

RELATIONSHIP GRAPH ENGINE

The relationship graph engine interprets incoming events and forms relationship graphs which are essential in understanding the full scope and impact of the attack as it allows the system to cumulatively look at risk across the entire activity

AI-DRIVEN INQUIRY ENGINE

The AI-driven inquiry engine will investigate hundreds of billions of relationships by asking thousands of forensic questions per second to identify relevant evidence highlighting the entire attacker’s path

STORY GENERATION ENGINE

The story generation engine continuously fuses the evidence to form easily understandable stories and timelines of the entire attack allowing the analysts to respond in real-time

By taking the manual process of investigations off the security analyst’s shoulders, security teams can now understand complete attack campaigns in real-time, reducing the cost of investigations without compromising the number of alerts investigated.

How Security Analysts and SOC Teams Leverage Kognos

  • Eliminate alert fatigue and investigate complete attack campaigns - not just alerts.
  • Eliminate tool and data fatigue with one integrated platform that seamlessly ingests alerts from different sources.
  • Respond to attacker movement in real-time.
  • Review historical stories from past investigations over months for users and devices.
  • Put devices on watchlist by configuring continuous hunts on suspected devices to continuously monitor them.

Learn More

Download the Kognos Autonomous Alert Investigator datasheet for more details about:

  • Easy set up
  • Fully autonomous continuous alert triage and investigations
  • Review historical trends
  • Proactively monitor users and devices
  • API Integrations
  • SIEM Integrations
  • NDR Integrations
  • Endpoint data integrations
Kognos continuously monitors billions of relationships to detect suspicious behavior. Once detected, Kognos uses an AI powered inquiry engine to ask thousands of forensic questions per second to fully contextualize the attack and present the findings as complete attack campaigns, allowing the analyst to respond in real-time.

Contact

Oxygen Icon Box

2064 Walsh Ave, STE C1
Santa Clara, 
California - 95050

Oxygen Icon Box

info@kognos.io

Copyright © 2021 Kognos, Inc. All Rights Reserved.
envelopemap-markercross linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram