Haystax Technology, Inc. provides next-generation intelligence and analytics solutions that deliver up to the minute situational awareness and actionable intelligence for the public and commercial sectors. Haystax uses a combination of software and human analysis to turn large, disparate and unstructured data volumes into comprehensive and actionable information. In essence, these technologies allow users to find “the needle in the haystack” quickly and reliably.
Boost Fertility New Invention Ups Success Rates.pdf
Haystax: Actionable Intelligence Platform
1.
2. 1
Company Facts
CYBERSECURITY AND ENTERPRISE THREAT MANAGEMENT SOLUTIONS
FORMED in 2012 on a 20 year legacy
(Digital Sandbox, FlexPoint, NetCentrics)
EMPLOYEES: 350, 90% Cleared
COMPETENCIES: Cybersecurity,
Information Assurance, Network
Management, Advanced Threat
Analytics, Innovation Management
3. 2
Our Core Values
Values-Driven Engineering
“We apply creative thinking, imaginative engineering, innovative
technology, and thoughtful leadership to improve the quality of
life”
4. 3
Our mission
To help defend our customers from known
and unknown threats to their mission
5. 4
We Provide Actionable Intelligence For
DECISION MAKERS WHO
Protect computer networks
Protect critical infrastructure & key resources
Protect against loss from fraud
Protect people from natural hazards & human
threats
Protect an enterprises ability to compete
effectively
Manage responses to threats
6. 5
We Bring New Thinking to our Solutions
BUILT ON INDUSTRY THOUGHT LEADERSHIP
Multiple patents for analyzing risks that are difficult
to quantify
Pioneered secure multi-agency collaboration in the
cloud
Pioneered risk based analytics and mobile apps to
deliver insights directly to decision makers
Innovate on purposeTM consulting service enables
organizations to innovate faster
Unique contextual real time streaming analytics
platform in the cloud to enable situational awareness
7. 6
Trusted by a Wide Range of Organizations
TO PROVIDE INNOVATIVE THREAT MANAGEMENT SOLUTIONS
Deployed Nationwide for Threat &
Risk Management
We developed the protective
intelligence methodology used by the
Bill & Melinda Gates Foundation
We are the de-facto standard for risk
management for major national events
requiring multi-agency collaboration
We are used by 15 of the 20 largest
urban areas to keep their citizens &
assets safe
Trusted by Top Defense, Intel
& Federal Civilian Agencies
We architected, manage & defend some
of the most mission critical networks in
the US
We manage the largest enterprise-wide
architecture & worldwide deployments of
SCCM & SCOM
We deployed the CIA’s first private cloud
with AWS
9. 8
Status Quo: Perimeter Defense Isn’t Sufficient
RISK TO DATA AND MISSION CAPABILITIES
No industry is immune, no level of
technical sophistication is sufficient
Real-time visibility & control over the
entire at risk environment is critical
for CSO’s and CIO’s
All security breaches involve people
and people are smarter than rules
10. 9
The Problem: The Signal has become the noise!
WHY BRUTE FORCE ANALYTICS DOESN’T WORK
Target’s cyber intrusion
and subsequent data theft
is well known…
Target’s cyber detection systems
caught the malware (FireEye)
Why?
40 million – The number of credit and debit
cards thieves stole from Target between Nov.
27 and Dec. 15, 2013
“They are bombarded with alerts”
- Source Bloomberg
“The alert from FireEye labeled the threat
with the generic name – malware.binary”
Source Bloomberg
Systems that generate too many
false positives are a nuisance
Information needs to be
prioritized and understood to
be ACTIONABLE
“Target says it declined to act on early
alert of cyber breach”
- Source Bloomberg
11. 10
What is needed: Dynamic risk-based approach
Predict Risk
Catalog Assets Detect Threats Mitigate Vulnerabilities
Prioritized Incidents/Threats
Operating
Systems
Network, Asset & Identity Context
Normalization & Categorization
Event Logs, Correlation & Flow Data
Web
Servers
Switches Routers IDS/IPS Firewall Applications
Real-Time
Collection, Normalization &
Analysis
Unified IT Security & Risk
Posture
Actionable Insight
Reduced Operational Effort
For Any Size Organization
12. 11
Our risk-based approach: Unified Threat Management
THE FOUNDATION FOR OUR CYBER THREAT INTELLIGENCE SOLUTIONS
System Hardening/App Protection/Secure Coding
Encryption, PKI
Enterprise Services (DNS, DHCP, etc)
Secure Systems Development
Lifecycle
External
Mandates
Vulnerability
Management
Universal Log
Management
Sensors &
Response
Universal Log
Management
Software
Configuration
Management
Risk Management
Platform
Correlation &
Analysis
Asset & Network
Management
Network Access
Control
Network & Access
Management
Database of Asset
Inventories
13. 12
Benefits
End-to-End Cyber Intelligence Platform for Situational Awareness & Analysis
Complete understanding of the overall at-risk
environment to protect
Contextually integrate internal and external
data sources
Early detection of threats & ability to correlate
to the at-risk environment
Dynamic risk-based prioritization of
information identifies what is most important
Specialized cyber analyst-centric tools to
support collaboration and digital cataloging of
analysis workflows
CSO, CISO Analyst
Infrastructure & Assets End Users
14. 13
Brought the Pentagon back online post
September 11 attack in less than 24
hours
Haystax NetCentrics
MISSION CRITICAL NETWORK PROTECTION SERVICES
16. 15
Public Safety & Enterprise Threat Management
ENABLING RISK INFORMED DECISION MAKING
Broader visibility | Reduced Response times| Prioritized resource allocation
Profile overall
enterprise threat and
risk
Monitor continuously
and broadly against
that profile
Prioritize and route
critical information for
Implement collaborative,
dynamic situational
awareness
action
17. 16
Informed Decision Making Needs Context
CONTEXT ENABLES DECISION MAKER TO UNDERSTAND ALL THE DATA
Into one screen
Swivel-chair situational awareness
Contextual situational
does not scale awareness anywhere
…and one app
Haystax Analytics &
visualization can put all the
information that goes here
18. 17
The Constellation Analytics PlatformTM
OPTIMIZES MACHINE AND HUMAN PROCESSING OF DATA
Physical
Enterprise
Calls for HR Data
Service
News & Social Communications Enterprise Data
Assets/CIKR
Archive DB Web
Low Priority Channels
Domain Ontology
NLP
Entity Resolution
Geo Reasoning
Association
Analysis
Scoring
Data Collection
& Pre-Processing
Analytic
Processing
Mobile
3rd Party
Triage Timeline Map
Alerts Visual Interaction Canvases Reports
Feeds
Network Alerts
Know & Act
Patent # 8874071
19. 18
Decision Makers are Increasingly Mobile
ACTIONABLE INTELLIGENCE BEYOND OFFICE WALLS
Powerful native apps with easy self
configuration and usability
Reporting, Assessments & Monitoring
seamlessly integrated
Secure online/offline data access from
anywhere
20. 19
Haystax Analytics Helps First Responders
BY SEAMLESSLY TYING INFORMATION TO THEIR OPERATIONAL PROCESS
Unified system of records that can be
accessed from anywhere, anytime
Fuse data streams from existing
systems into “channels” of prioritized
operational information
Secure cross organization information
sharing & collaboration
21. 20
Haystax Analytics Helps Commanders
BY PROVIDING CONTEXTUAL SITUATIONAL AWARENESS WHEREVER THEY ARE
User interface designed to focus user
to hot spots and key alerts
Holistic presentation framework that
optimizes based on device, role,
location, time, context
Information is prioritized based on
relevance to the user
22. 21
Haystax Analytics Helps Analysts
BY MAKING IT EASY TO INTERACT WITH REAL TIME DATA IN REAL TIME
Monitor categorized & prioritized data
feeds from multiple sources
Make predictions based on trends and
intensity of data
Use dynamically generated profiles of to
discover links & associations
23. 22
>25 mile
radius monitored
Haystax Analytics in Action
LAST FIVE SUPER BOWLS
RESULTS FROM SUPER BOWL XLVIII
312 events
monitored
50+ agencies
collaborated
600 real-time
data feeds
238 assets
protected
345 incidents
managed
In the command center Forward deployed Mobile Apps
24. 23
Haystax Analytics in Action
California Emergency Operations Center
Haystax provides the analytic back-bone
for total situational awareness
100% cloud based
Integrates hundreds of real time
information sources across the state
Information is prioritized and routed
automatically to personnel on the
State-wide situational awareness from one ground as needed
screen
25. 24
Haystax Analytics in Action
Houston
Critical information is available in under a
minute v. over an hour
Uses Haystax as the platform for managing risk
based data on physical structures and
improving first responder actions
100% cloud based
Mobile apps for data collection and field
reporting
Leverages Haystax’s ability to secure critical
private sector data and secure sharing of
information between private and public sectors
26. 25
Incident Reporting &
Event Tracking
Contextual Monitoring of
Threats & Risks
Nationwide School Safety
POWERED BY OUR ANALYTIC PLATFORM
School Safety Master
Data Management
.
29. 28
We are advancing the status quo in threat analytics with
innovative techniques & technologies
Designing elegant
solutions for complex
analytic challenges
Our patented prioritization
algorithms excel where the noise to
signal ratio is high
Our ‘whole person’ Bayesian model
specializes in behavioral threat
detection
Our visualizations enable informed
decision making
30. 29
Our Response to Traditional Brute Force Enterprise Threat Analytics
CARBON
Bayesian model designed to solve high
noise-to-signal data problems
Automatically aligns alert quality to
available investigation resources
Eliminates scaling problems of
traditional rules based systems
31. 30
How Carbon Works
MATHEMATICAL MODELING OF EXPERTS + RISK RANKING + CONTINOUS EVALUATION =
AUTOMATED THREAT AWARENESS
Experts Data
HUMINT
Counterintelligence
Medical
Criminal Investigators
Command
Peers
Family
Psych
Subject
IT Security
Backgroun
d Check
Peers &
Family
+ $
=
Financial
Records Public
Records
HR
Record
Web and Social
Media
Continuously
prioritized risk based
ranking
32. 31
Carbon is a Threat Optimization Solution
IT DOES NOT REMOVE ALERTS, JUST TELLS YOU WHICH ARE IMPORTANT AND WHY
Automated continuous evaluation
and re-prioritization enables
sustained success
Can be deployed on top of 3rd
party alerting products
33. 32
Carbon Value Proposition
STOP LOOKING AT ALERTS, START ACTING ON THEM BY KNOWING YOUR RISK
Compare subject to peer
groups and historic changes
Up to 10x improvements in
investigation productivity
in risk profile
Separates the critical from the
mass and lets the analyst know
Full traceability from results to the
source data
34. 33
EXPERTISE: Enabling Enterprise Clouds Without the Drama
HAYSTAX CANOPY CLOUD ACCELERATORS ARE THE FASTEST WAY TO A SECURE CLOUD
Cloud enable Microsoft to any cloud
90 days, fixed cost none to done
guarantee
Microsoft Gold Certified Partner
Selected by Microsoft to build their
reference Azure package for the US
Intel Community
35. 34
INNOVATE ON PURPOSETM: OVO
EXPERTS WORKING TO REINVIGORATE INNOVATION SKILLS, INSIGHTS AND
COMPETENCIES IN ANY ORGANIZATION
Proven “Innovate on Purpose”
methodology
Innovation change management
consulting
Rapid disruptive innovation workshops
36. 35
R&D: Haystax Technology Accelerator
DRIVEN TO INNOVATE AND BRING TO MARKET DISTRUPTIVE PRODUCTS
Develop advanced concepts
Focus on solving the “really hard” problems
Advance the state of the art through agile, out-of-
the-box thinking
39. 38
Thank You
Haystax Technology
8251 Greensboro Drive
Suite 1111
McLean, VA 22102
(202) 492-5457
@haystaxtech
www.haystax.com
Notas do Editor
At Haystax, we have been thinking about this for a long time – in fact before big data was big….in fact, we started when there was no data at all for some of our analytic challenges. When there is no data, basically you’re dealing with ALL data. The ‘true big data problem’!
We had to invent a way to deal with data at that scale. That led to our RIN algorithm that now powers our platform.
Our unique IP starts from the way we formulate the problem, to how we then go about mapping the data to the problem and all the way to gaining access to the data and doing it in way that is very fast for the customer. An analytic solution is only useful when it can be delivered in a timely manner.
So, what is the result of this IP? The Constellation Platform…
The constellation platform is the result of our R&D efforts over the last 10 years!
It’s built using the most modern open source analytic technologies – we are using the same frameworks that products like Twitter and facebook use…it’s all proven. In some cases we had to optimize the technologies to make it do what we wanted.
The most important thing is that Constellation is ready to use. It isn’t something we build from scratch for our customers. It just works….
How does it work? That’s the section in the middle
Finally, we present the information through defined visual canvases. What is important to remember is that the end user does not need to do anything to generate these views.
So how is this used?
Let’s look at it from the position of decision makers: Starting with an analyst.
We are looking at three screens that show analytic fusion from Constellation…
You can explain the text…
It’s about non technical users such as commanders being self sufficient in using analytics to make decisions. We are breaking the typical mold of analytic applications. We are not focusing on eye candy, but on decision centric presentations and interaction models.
So, who are our customers?
It’s a combination of customers across the public sector industry…
Explain some highlights. So let’s look at what we mean by the Public safety ecosystem…next slide
A whole combination of functions….connecting multiple agencies and stakeholders together.
You can explain the various examples of public safety apps described here.
Let’s look at some examples of customers…
Cloud enables you to grow faster. You can grow what is working…you can increase stakeholder participation more easily.
Our ability to deploy quickly….
Describe all the places we are used and how we connect everyone together….we are also doing NJ this year.
These are some examples of public safety customers..
Let now look at examples of secure collaboration and information sharing examples
Flexpoint is our branded offering for secure cloud collaboration apps. So what is powered by flexpoint today?
See the ipad the POTUS is using? It’s a FlexPoint app
Microsoft came to us to help them build a reference Azure application for the the IC. It’s called Azure Canopy and we are co-branding it with Microsoft.
What else have we done…with AWS we did….
We are now considered an industry reference in the IC.
Cloud improves provisioning of secure apps.
SharePoint, Link…
DTaaS should be about improving the user experience. We have worked with MSFT on creating a reference desktop based on familiar collaboration and productivity tools.
It’s not just about analysts, it also about pushing intelligence out to the field in mission critical situations.
It’s not just about analysts, it also about pushing intelligence out to the field in mission critical situations.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Bill 1
We are also at the forefront of next generation analytic challenges…
Explain this…
Our delivery approach is an important aspect of who we are a company.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.
Summary…we are going to challenge the status quo….we are in the process of building a strong company and brand.