ActiveGuard® Investigator

NTT Security ActiveGuard Investigator provides cloud-based, real-time access to raw log data to enable efficient investigations and support security, IT and business initiatives. ActiveGuard Investigator is available as a value-added service for our Security Log Monitoring and Log Management clients.

Cloud-Based Raw Log Search

System logs provide organizations with a wealth of information about their IT infrastructure. This information, however, is often difficult to access, requires support from IT staff and is only used in the event of a compliance audit or security incident.

With easy access and fast search capability, system log data can become an asset for the security team, the IT team and the rest of the organization.

Forensically-Sound, Raw Log Storage

As ActiveGuard collects and analyzes logs, a copy of the raw logs is archived in a secure, cloud-based and forensically-sound log repository. Clients have access to those logs through the ActiveGuard Portal without the need for additional on-premise equipment or an up-front capital investment.

Making log data more accessible enables data-mining of the logs for efficient security and compliance incident investigations. It also supports the measurement of security controls, IT programs and business adoption. Search results can be filtered and mass exported to .XLS format for further analysis.

ActiveGuard Investigator helps clients to:

  • Enable efficient investigations
  • Support security initiatives
  • Uncover hidden IT and business value

Big Data Infrastructure

ActiveGuard Investigator is built on a big data infrastructure, including Hadoop™ for storing large data sets, MapR™ for efficient queries, Elasticsearch® for indexing and Apache Lucene™ for simple and complex searches. These components allow for fast, flexible searches, delivering query results in seconds. Users can create queries using Boolean and wildcard searches.

Features Include:

  • Cloud-Based, Real-Time Access to Raw Log Data
  • Accessible Via the ActiveGuard Portal
  • Big Data Infrastructure for Fast, Efficient Searches
  • Fast, Easy and Flexible Log Search
  • Iterative Drill-Down Capability
  • Forensically-Sound Log Storage
  • Export Search Results to .XLS

More Information

ActiveGuard Investigator Datasheet

Download it now.