We’ve all heard the analogy by Clive Humby before – it’s a popular one people have written about it here, here, and here. But what do you do with that crude oil? You refine it into something more valuable, right? And that’s exactly what appNovi does: we extract data from sources like SIEMs, APIs, and security tools, and then refine it into actionable visualizations that our users can use to make better decisions. Positive outcomes include maintaining complete asset inventories, identifying and mapping the attack surface, prioritizing vulnerabilities, and shortening incident response.
Extracting and refining data
There’s a lot of infrastructure for extracting data out there in the world. SIEMs, as an example, extract it, but it’s still crude – and most people don’t know how to use raw data. It needs to be refined into something people can understand. When complex subjects are more easily understood there is more effective and efficient decision making. We also need to understand the level of refinement needed for its purpose – for example there’s a difference between the gas you get at the pump and what you put into jet engines. Understanding the application of data for an intended purpose provides us guidance on the level of refinement. For example, it’s just wasted money to fill up your tank with premium while the manufacturer suggests regular and it’s all you’ve been using before. Availability doesn’t mean we should consume it all.
Making liquid gold
You have access to your data, but making it valuable is complicated. Most people don’t have time or know-how to consume raw data. It needs to be refined before it can be used effectively. There are some pretty serious challenges when it comes to using data in an enterprise environment: there are too many sources of data coming in at once; there isn’t enough standardization across those sources; and even if you get all that figured out, there aren’t any tools available to refine the aggregated data in a way that it can be easily consumed.
That’s why I built appNovi. If you’ve got data sitting around in your SIEMs, chances are it’s raw – just like the stuff coming into your oil refinery. And just like a refinery that turns crude oil into gasoline for cars (or jet fuel for airplanes), we take that raw data and refine it into something usable and valuable. The outcome of data aggregation and refinement is simplicity and flexibility in use. Simple in accessibility, and flexible in consumption — your data is easily analyzed and applied to a task (e.g., can I quarantine this server) or broader initiative (e.g., maintain an accurate cloud inventory).
Make your data work for you
Traditional tools aren’t very intuitive or visual by nature, which makes them difficult for people who don’t have advanced knowledge of SQL, APIs, or some vendor-specific query mechanism to access the data to achieve their desired goal. But it doesn’t have to be this way!
All users interested in learning more about their own organization’s security data can easily visualize and understand their data and findings without having technical expertise firsthand; the only skill requirement for using appNovi is curiosity.
When you use appNovi, you’re not just getting access to data; you’re getting access to refined data – the kind of information that’s actually worth something to your business and stakeholders. Whether there’s a requirement to automate asset inventory management and security control analysis, identify and map the attack surface, identify risk faster, or shorten response, appNovi turns your raw data into the fuel needed to force multiply your SOC.
We made it flexible to install, easy to configure, and ready for you to try.