Insight Engines

301 Howard St, Suite 830
San Francisco, CA 94105

+1 (415) 935 0883

Insight Engines' products make complex machine-generated data accessible to anyone, using conversational English.

CSI

Cyber Security Investigator (CSI) is a natural language search assistant that enables analysts to get more meaning from their data faster, reducing enterprise risk.

Cyber Security Investigator (CSI)

Insight Engines CSI is the natural language search assistant that empowers analysts to quickly derive actionable meaning from big data, in order to discover and triage security issues faster, reducing enterprise risk.


Instant Productivity: Search Less, Analyze More

As more teams standardize on Splunk as their big data warehouse, analysts spend hours digging through the Splunk Processing Language (SPL) in order to translate their time-critical questions into tangible results.  Escape countless cycles of researching syntax, searching, and refining queries.  With CSI, analysts recover faster from search fatigue and save time to focus on what matters most: analyzing and acting on results.


Accelerate Training

  • Expand your hiring pool
  • Reduce training time of new hires from months to days
  • Utilize CSI as an on-the-job Splunk training tool while solving real-world problems
  • Experts use CSI as an “SPL shortcut” to creatively hunt for new threats


Maximize Splunk Usage: Escape Dashboard Silos, Allow Anyone to Search, Ask For Anything

Expensive and slow queries are toxic. They kill Splunk infrastructure performance and waste precious resources. Many experts spend countless hours building carefully crafted dashboard silos to help guide novices on where to look and how to think about their data. CSI combines its powerful natural language search with Splunk's built-in data model acceleration and Common Information Model (CIM), so that anyone can ask questions that are always fast and efficient -- no matter your Splunk skill level.


Rapid Install

  • CSI is a Splunk App that’s entirely local to your search head cluster (no cloud required)
  • Installs in less than an hour
  • No additional hardware required
  • Less than 1% added query load
  • Consistently generates highly optimized SPL


Reduce Enterprise Risk: Discover More, Think Creatively, Inspire Change

Today's threat landscape is constantly evolving. Attackers keep finding new, creative ways to compromise organizations. To successfully deter and defend against attacks at scale, firms need to empower security analysts to think creatively while simultaneously building automation to effectively process epic datasets. While trying to scale their sources, many analysts are forced to focus on acquiring and optimizing their threat intelligence with no time left for creative thought. Instead of leaving analysts to drown in a sea of big data, CSI helps them focus and act on search results rather than being distracted by perpetual optimization issues.


Concept Driven: Beyond Dictionaries, Constantly Learning, Intuitive Search

Security operations teams struggle to find a balance between responding and reacting to existing threats versus hunting for new threats. To manage the volume of threat response, teams adopt systematic mechanisms, automation, and finely tuned processes in the form of "run books" to ensure consistency during triage.  Because attackers constantly change their tools, tactics, and procedures, complete threat discovery can never be fully automated.

CSI is a concept engine that learns from analyst-driven data sources and real-time queries. With CSI's natural language search, analysts are empowered to develop threat response and discovery plans using their own words, knowing that CSI will consistently translate these concepts into actionable results. This speeds up and simplifies “use case” and “run book” creation, reduces workflow maintenance, and enables faster ad-hoc threat hunting when your “run book” falls short during emergent issues.