Welcome to Fluency
This manual helps you get the most out of your log data by using Fluency. We enable organizations to collect, correlate, enhance, retain, and search massive and diverse types of audit data while producing the ability to act upon the results. While most people see the majority of log data as garbage, Fluency acts like waste management, generating value from this volume of data. Fluency’s concept is based on “ground truth”: to collect and leverage all infrastructure data sources, especially in the absence of the traditional enterprise perimeter. All these sources have insight, but when used separately there is no clarity. Fluency’s patented and award-winning correlation engine, along with our advanced User and Entity Behavior Analytics (UEBA) capability, provides fast and actionable insight while addressing the governance and compliance needs that most SIEM technologies fall short in addressing.
This document addresses the basic use of the Fluency Cloud product. It is divided into a quick start section, architecture & design, and a reference section.
A Need for a New Approach
Security operations are plagued with ever-evolving tactics and techniques that aim not only to get at your data but also to challenge its integrity. Core systems like industrial control, healthcare IIoT and more are being breached in a move to disrupt and destroy infrastructure. Nation-states are continuing to take their financial toll on companies as well as stealing their intellectual property. 2020 is seeing the weakest link in the security chain, humans, exploited at all levels through targeted spear phishing, social engineering, and other routes.
Companies are spending millions of dollars each year trying to build up their security layers. Unfortunately, many weak links are being introduced, and many products don’t play nice in the security sandbox. Fluency’s cloud-based X-SIEM is the next-generation SIEM that goes beyond current SIEM technology limitations with true UEBA and tight integration with many security tools, from Endpoint Detection and Response to trouble-ticketing systems, bringing them all together in a consolidated approach. Automation and response are two additional capabilities that current SIEMs need to handle, and Fluency delivers them in multiple ways. Another gap is the need to move away from scripting rules and other actions, and Fluency sets the standard here too.
Compliance requirements, while not always front and center, are critical, especially if a company is seeking SOC2 Type 1 or Type 2 compliance. Other industry compliance regulations are just as critical, such as HIPAA, FISMA (NIST 800-53 & NIST 800-66r1), PCI-DSS, 23 NYCRR 500, and SOX. Fluency addresses many of these needs as they relate to log management:
- Data Retention
- Alert auditing
These and many other features allow organizations to scale to larger information loads while leveraging deployed security products to their fullest. We know once you’ve really used and learned our Fluency tool, you’ll never want anything else.