Your AIOps Adoption Partner www.siscale.com @siscaleus linked.com/company/siscale facebook.com/siscaleai

Post on 28-May-2020


Page 1: @siscaleus linked.com/company/siscale ... · DevOps Designing, Implementing and Maintaining Security Analytics for increasing ... We contribute to the next wave of productivity in

Your AIOps Adoption Partner

www.siscale.com

@siscaleus

linked.com/company/siscale

facebook.com/siscaleai

Page 2:

Siscale Areas of Expertise

Security: We augment your existing security team at a lower cost than your payroll, and we leverage Big Data analytics and automation technologies for security ops. We give you customized machine learning solutions for specific data sets across your assets, on premise or in the cloud.

Visibility and Performance: We help you manage your ever growing streams of data while gathering actionable insights for data monetization. Gain full visibility within your infrastructure and enable faster and more efficient analysis.

Big Data and Analytics: We solve the problem of siloed data residing in infrastructure or applications with a custom approach that truly gives you business insights across the full stack.

Cloud: We help you choose a suitable cloud-based service provider for your business, and we ensure a smooth transition from a traditional data center and fast implementation. Our solutions accelerate your time to market and reduce your cost.

AIOps: We help you incrementally deploy AIOps across the four phases of IT operations-oriented machine learning: visualization and statistical analysis, automated pattern discovery, pattern based prediction, and root cause analysis.

Data monetization / Talent / Reduced costs

Page 3:

Challenge

AIOps Adoption

Benefits

Gain value through centralized data and improve key metrics like mean time to response and mean time to resolution.

Become more agile, responsive and efficient by applying automated analysis to your IT data.

Efficiency

Deliverables/Outcomes

Security: Leverage Machine Learning capabilities and move away from a reactive to a proactive security approach.

Enhance Your SIEM

Transform your IT operations

Enable IT teams to focus more on analysis and optimization by taking tedious manual tasks out of their hands and into automated processes.

Siloed Data

Enabling IT Leaders for Performance

Siscale and Elastic Unique Capabilities

Automation

Data Monetization

Page 4:

AIOps: Changing How Businesses Manage IT

How does Siscale deliver this?
We combine big data and AI/ML to enhance and even replace IT operations processes/tasks, especially monitoring and automation, with proven use cases.

The value of AIOps
You access the insight and revenue potential of big data. You are more productive, you move faster, you pay less and your team has more time for the big picture.

How are you different?
We know the infrastructure and build on it incrementally. We deliver high quality you can actually afford. We are able to map solutions for your custom business process flow. Did we mention proven use cases?

What, more precisely?
● Visualisation and statistical analysis
● Automated pattern discovery
● Pattern based prediction
● Root cause analysis
● Recommendations and action

Is there a problem? Why does this happen?
● Cloud migration
● Siloed data
● Multiple vendors
● Noise
● I wish I knew earlier
● Data overload
● IT performance issues
● Too expensive
● We don't have data scientists

Page 5:

Journey to AIOps

AIOps Roadmap Model (chart; vertical axis: Data monetization / business growth)

Steps to implement AIOps:
● Readiness
● POC
● Big Data/ML Use cases
● Production
● Implement/Optimize
● Analytics
● Islands of automation
● AIOps
● Education
● Adoption
● Interdomain automation
● Custom ML specific to customer use cases

Page 6:

Your AIOps Adoption Partner

Automated Root Cause Analysis with Elastic Stack

Page 7:

Who we are and what we do?

Infrastructure
● Designing and integrating server, storage, network and security for supporting cloud native apps
● Combine solutions to avoid vendor lock-in
● Certified engineers at the highest level on all infrastructure technologies

DevOps
● Integrate development and operations teams through the adoption of cloud-native technologies
● Full visibility and automation on top of data warehousing solutions

Security
● Designing, Implementing and Maintaining Security Analytics for increasing security operations efficiency through automation
● Automation capabilities for improved security
● Augment your existing security team

● Talented engineers blazing the trail for ML and Automation solutions in IT
● Siscale certifies first engineers as experts in Elastic solutions, providing consulting expertise in DevOps, IT infrastructure and Security
● We contribute to the next wave of productivity in IT by helping customers with AIOps adoption, developing custom solutions on top of Elastic Stack

Page 8:

Winning the race for efficiency in IT

Challenges:
● Siloed teams (lack of insight across the stack): DB, Infrastructure, Security, Monitoring Tools, missing CMDB
● Need for fast response and proactiveness
● Multiple simultaneous reasons for failure
● Lots of logs but not used (properly)

RCA Enables:
● Reduce response time through automation and algorithms
● Unify teams through data using Elastic Stack
● Precision at investigation with neural networks (TensorFlow)
● Leverage existing Elastic Stack install base

Page 9:

Siscale RCA Implementation

(Diagram: Data Sources (API, Logs, Beats, Anything) feed the RCA pipeline, which labels each event as Root Cause or False Positive. Two example outputs are shown on the slide.)

Event1: Root Cause, Event2: Root Cause, Event3: False Positive, Event4: False Positive, Event5: False Positive, Event6: Root Cause

Event1: False Positive, Event2: Root Cause, Event3: False Positive, Event4: False Positive, Event5: False Positive, Event6: False Positive

Page 10:

Your AIOps Adoption Partner

Brute force attack prevention with Elastic Stack

Page 11:

The simplest attacks can have the biggest impact

Brute Force Attack
● Requires little effort to use
● Can be carried out by anyone
● Relies on user negligence

Consequences
● Access to critical infrastructure devices
● Creating shadow accounts
● Access to sensitive data
● Can stop business critical services and applications
● Can carry DDoS attacks
● Block user accounts

Page 12:

From attack initiation to first response in less than a minute with Elastic

● Your infrastructure: Elastic Stack collects infrastructure events
● Elastic Machine Learning detects the high number of failed logins
● Watcher notifies the security team
● Watcher initiates a command to block the source IP of the attacker
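The detect, notify, block flow above, as an added Python example that is not Siscale's or Elastic's code: it replays constructed sshd-style auth lines, flags a source that exceeds a failed-login threshold inside a sliding window (a plain stand-in for the Elastic ML anomaly), and turns each detection into the two Watcher-style actions on the slide. The log format, threshold, window and allowlist are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd-style auth lines (sample data, not real traffic).
SAMPLE_LOG = """\
2020-05-28T10:00:01 sshd[1]: Failed password for root from 203.0.113.7 port 4001
2020-05-28T10:00:03 sshd[1]: Failed password for admin from 203.0.113.7 port 4002
2020-05-28T10:00:05 sshd[1]: Accepted password for alice from 198.51.100.4 port 5001
2020-05-28T10:00:06 sshd[1]: Failed password for root from 203.0.113.7 port 4003
2020-05-28T10:00:08 sshd[1]: Failed password for root from 203.0.113.7 port 4004
2020-05-28T10:00:09 sshd[1]: Failed password for bob from 198.51.100.9 port 5002
2020-05-28T10:00:10 sshd[1]: Failed password for root from 203.0.113.7 port 4005
2020-05-28T10:02:30 sshd[1]: Failed password for root from 203.0.113.7 port 4006
"""
FAILED_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for \S+ "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+$"
)

def detect_bursts(log_text, threshold=5, window_seconds=60):
    """Map each source IP that produces `threshold` or more failed logins
    inside a sliding `window_seconds` window to the time the threshold was hit.
    (Assumed stand-in for the Elastic ML "high number of failed logins" signal.)"""
    recent = defaultdict(deque)   # ip -> failure timestamps still in the window
    flagged = {}
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:                 # successful logins and other lines are ignored
            continue
        ts = datetime.fromisoformat(m["ts"])
        window = recent[m["ip"]]
        window.append(ts)
        while (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= threshold and m["ip"] not in flagged:
            flagged[m["ip"]] = ts
    return flagged

def watcher_actions(flagged, allowlist=frozenset()):
    """Turn detections into the two Watcher-style actions on the slide:
    notify the security team, then request a block of the source IP.
    Allowlisted sources (e.g. your own vulnerability scanner) are only notified."""
    actions = []
    for ip, ts in sorted(flagged.items()):
        actions.append(("notify", ip, ts.isoformat()))
        if ip not in allowlist:
            actions.append(("block", ip, ts.isoformat()))
    return actions
```

Calling `watcher_actions(detect_bursts(SAMPLE_LOG))` yields a notify and a block action for 203.0.113.7 only; the allowlist exists so a block is never issued for a source you operate yourself.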

Page 13:

Your AIOps Adoption Partner

POC - Elastic Stack

Page 14:

Project Milestones - Elastic Stack POC Security Analytics

1. Assessment & Initiation
● Scope validation
● Team onboarding
● Infrastructure readiness

2. Setup
● POC design
● Production design recommendations
● Elastic Stack implementation
● Elastic-security implementation

3. Analytics
● Data injection
● Data transformation
● Data presentation
● Use Cases Implementation

4. POC Readout
● Validating Use Cases
● Documentation
● Production Deployment
● Recommendations

Use case examples:
• Log ingestion with platform agents (Beats)
• Restrict user access based on role (X-Pack Security)
• Potentially compromised account (X-Pack ML)
• Automated notifications for security events (X-Pack Watcher)
• Correlate distinct log sources into a single alert (Logstash)
• Dashboards (Visual builder/Vega/Other plugins)
• Potential system compromise (X-Pack ML)
• Repeated offender (X-Pack ML)
• Automate activity initiation on a system based on a certain event (X-Pack Watcher)
• Queue and track security events (Logstash/API)
• Haversine function applied on authentication logs (X-Pack ML)
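The "Haversine function applied on authentication logs" use case is, on the usual reading, an impossible-travel check; as an added Python example (not Siscale's or Elastic's code) this computes the great-circle distance between a user's consecutive logins and flags pairs whose implied travel speed is not plausible. The geo-enriched events, the coordinates and the speed ceiling are constructed assumptions.

```python
import math
from datetime import datetime

# Constructed authentication events already enriched with geo-IP coordinates
# (sample data, not real users or locations).
SAMPLE_AUTH = [
    {"user": "alice", "ts": "2020-05-28T08:00:00", "lat": 40.7128, "lon": -74.0060},   # New York
    {"user": "alice", "ts": "2020-05-28T09:30:00", "lat": 40.7306, "lon": -73.9352},   # Brooklyn
    {"user": "alice", "ts": "2020-05-28T10:00:00", "lat": 47.6062, "lon": -122.3321},  # Seattle
    {"user": "bob",   "ts": "2020-05-28T08:00:00", "lat": 47.6062, "lon": -122.3321},  # Seattle
    {"user": "bob",   "ts": "2020-05-28T20:00:00", "lat": 40.7128, "lon": -74.0060},   # New York
]

EARTH_RADIUS_KM = 6371.0

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points (decimal degrees) in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))

def impossible_travel(events, max_speed_kmh=900.0):
    """Flag consecutive logins by the same user that would require travelling
    faster than `max_speed_kmh` (assumed ceiling, roughly airliner speed).
    Returns (user, previous_ts, current_ts, distance_km, speed_kmh) tuples."""
    findings = []
    last = {}  # user -> last event seen; events are processed in time order
    for ev in sorted(events, key=lambda e: (e["user"], e["ts"])):
        prev = last.get(ev["user"])
        if prev is not None:
            elapsed = datetime.fromisoformat(ev["ts"]) - datetime.fromisoformat(prev["ts"])
            hours = elapsed.total_seconds() / 3600
            dist = haversine_km(prev["lat"], prev["lon"], ev["lat"], ev["lon"])
            # Two places at the same instant is the extreme case: treat as infinite speed.
            speed = dist / hours if hours > 0 else math.inf
            if dist > 0 and speed > max_speed_kmh:
                findings.append((ev["user"], prev["ts"], ev["ts"], round(dist), round(speed)))
        last[ev["user"]] = ev
    return findings
```

`impossible_travel(SAMPLE_AUTH)` flags only alice's Brooklyn-to-Seattle pair (about 3,860 km in 30 minutes); bob's 12-hour Seattle-to-New York gap stays under the ceiling and is not reported.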

*$25,000.00 including travel

Page 15:

Elastic Stack Security Analytics PoC – Success Stories

Urgent care provider with offices in NY, NJ and WA with over 2,500 employees. Agile and fast with continuous mergers and integrations.
Challenges:
• Need of a Security Analytics solution to serve as a Forensics and Compliance tool
• Lack of specialized staff for handling security operations
• Fast integration and visibility of new IT environments as a result of acquisitions
X-Pack, 5 nodes - Security Analytics

Publishing company based in New York with over 5,000 employees. Globally spread data centers with on-premise, cloud and hybrid infrastructure.
Challenges:
• Need for Centralized Log Aggregation
• Lack of Security Analytics/Threat Hunting Solution
• Siloed organization handling infrastructure
• Automation
X-Pack, 32 nodes - Security Analytics / Log Agg / APM

• Reference architecture for POC
• Production architecture recommendation
• POC artifacts: Scripted/DevOps Installation/Scaling
• Dynamic data ingestion support with reusable ingestion pipelines
• 100% POC use cases validated
• IT staff augmentation with data insight

Page 16:

Security Analytics PoC Results

● Focus on relevant events and enable fast response
● Ingest any data source
● Automatically initiate activity on another system
● Empower your data with machine learning
● Gain insights into separate data sources
● On the fly dashboards
● Unify segregated data
● Collect data from any API based system
● Automated file ingestion
● Industry standard RBAC security
● Complex alerts
● Fast response