SQRRL ENTERPRISE INTEGRATE. EXPLORE. ANALYZE.

DATASHEET
Sqrrl Enterprise links important assets and events, accelerating analyst insight.
You Can’t Analyze What You Don’t See
Every day, more and more data flows inside, outside, and across your
organization. Buried inside this digital footprint is valuable information about
your customers, employees, goods, services, and competition. What if you
could visually explore the context of the actors, assets, and events
represented in all the noise? Now, you can.
Quickly Observe, Understand, and React
Our innovative approach uses a technique called Linked Data Analysis to
identify hidden opportunities and threats represented in massive amounts
of data. The graphical Sqrrl Explorer web interface lets analysts
dive into the information, research the relationships between different
entities, drill down to the underlying data, and rapidly gain understanding
and insight about what’s in their environment.
The Sqrrl Enterprise Edge
Sqrrl Enterprise is a real-time, unified platform for securely integrating,
exploring, and analyzing massive amounts of data from any source.
Sqrrl excels in use cases such as cybersecurity investigation,
healthcare analytics, and national defense/intelligence.
Figure: Sqrrl Explorer User Interface
Sqrrl Enterprise Features:
• Web-based data exploration and investigation interface
• User-configurable dashboards
• Secure collaboration on investigative workflows
• Save, share, and replay the steps of an analysis
• Track provenance between raw data and context
• Flexible data mappings and customizable aggregations
• SqrrlQL query language and the Sqrrl Developer API
• Compatibility and integration with all major distributions of Apache Hadoop™
Benefits:
• Visually navigate the context of the entities and relationships you care about
• Determine root cause of important events before it’s too late to respond
• Discover previously unknown patterns in your data and correlate seemingly unrelated events
• Anticipate and preempt potential issues before they surface
• Enrich existing solution data and alerts by adding context from varied data sources
• Lower the costs of managing data with a single tool suite for secure data exploration, processing, and reporting
Visual Contextual Navigation
Using the Sqrrl Explorer interface, analysts can expand
and follow the paths between different types of
connections among their linked data, surgically
uncovering important information without needing to craft
and execute a query.
What People Are Saying
“Sqrrl Enterprise has the potential to dramatically simplify Big Data analysis by providing a
unified platform to securely explore relationships in disparate datasets and analyze those
datasets for trends and anomalies.”
– David Vellante, Chief Analyst at Wikibon.org
Automated Analyst Insight
Sqrrl records data in its raw form, mapping it into a linked
graph of entities and relationships via our automated
knowledge extraction process. Analysts can investigate
details and trace information back to its raw form in a
single click. Sqrrl Enterprise will also aggregate and index
data as it is consumed, allowing for rapid information
retrieval.
Secure Collaboration
Through Sqrrl’s Data-Centric Security, analysts can
securely collaborate on large, shared data analysis efforts.
Because every field of data is individually protected, Sqrrl
Enterprise can unify all an organization’s data and only
present to analysts what they’re authorized to see.
Figure: Sqrrl data flow (diagram labels: Raw Data Sources, Explorer, Dashboards & Reports)
Integration and Customization
Sqrrl Enterprise sits on top of Apache Hadoop™ and Apache Accumulo™, leveraging the benefits of
distributed, fast, scale-out storage with open-source software. We provide the interfaces that allow
for flexible customization and interactivity with other Hadoop-compatible components, as well as
external platforms and tools. Developers can use and extend Sqrrl’s features with the Sqrrl API,
powering their own custom applications.
Scale Effortlessly
Our adaptive architecture lets you modify your capacity on-demand, without having to redeploy
existing code or infrastructure. We support on-premises, bare metal install, or private + public
cloud infrastructure.
Who We Are For
• Cybersecurity analysts looking to find threats that their SIEMs and firewalls miss.
• Defense and Intelligence analysts tracking patterns of life across Multi-INT data sources.
• Healthcare analysts that want to find fraud, waste, or abuse in payments.
• Financial analysts trying to detect hidden operational, credit, or market risks.
“The best defense against modern threats requires finding the adversary first, on your own
terms. Put yourself in a position to be the first to know, by using advanced analytical tools
like Sqrrl.”
– Richard Bejtlich, Chief Security Strategist, FireEye
Security Analytics Use Case
Sqrrl Enterprise powers Big Data Security Analytics for incident handlers and responders. It
allows them to investigate suspicious behavior, pinpoint the actors involved, and assess
impact to the organization. Sqrrl consumes diverse cyber datasets, such as network traffic logs,
identity context, external intelligence feeds, DNS capture, email/social media activity, and
customer transactions. These datasets are analyzed to detect suspicious behavior, and matches
are visualized for deeper review. Access to sensitive data, such as PII, can be restricted based
on organizational roles.
ABOUT SQRRL
Sqrrl was founded in 2012 by creators of Apache Accumulo™. With their roots in the U.S. Intelligence Community, Sqrrl’s founders have deep experience
analyzing complex petabyte-scale datasets. Sqrrl is headquartered in Cambridge, MA and is a venture-backed company with investors from
Matrix Partners and Atlas Venture.
130 Prospect Street
Cambridge, MA 02139
p: (617) 902-0784
e: [email protected]
www.sqrrl.com
@SqrrlData