Analytics solutions and tools are being deployed by organizations in many
industry sectors to deliver insights into customer and end-user behavior,
root causes, trends, and much more. Security analytics, however, addresses
substantially different needs because, when it comes to security threats,
the cost of failure may be extremely high. It is measured in terms of lives
lost or injured, the disruption of public safety and essential services and
infrastructures, and economic mayhem.
NEXT-GENERATION SECURITY ANALYTICS – BEYOND WHAT YOU THINK
As shown below, advanced investigative analytics enables security organizations to fuse data from all
their sources such as government databases, police and intelligence reports, the open and Dark web,
network traffic, social media, forensics and IoT devices, to name just a few. The many data types - text,
images, video, audio, and so on - are fused into a platform on which AI-based analytics can be conducted:
detecting anomalies, correlating events, predicting behavior, and establishing patterns and relationships.
The algorithms are adaptive and grow smarter as they are exposed to more data. The output: automatically
extracted actionable investigative and threat detection insights.
[Figure: from diverse data sources through advanced security analytics to actionable intelligence]
DIVERSE DATA SOURCES: Open and Dark web; Social media; Communications networks; Sensors, edge devices, etc.
ADVANCED SECURITY ANALYTICS: Location, Link Analysis; Similarity/anomaly detection; Behavioral analysis; Event correlation, etc.
ACTIONABLE INTELLIGENCE: Target/mass profiling; Relationship discovery; Prediction; Risk assessment
Questions: Who is behind the security threat or incident? What is their motivation? What means were used and where did they obtain them? Are they working alone or as part of a group?
Diagram labels: Discovery, Fusion
The core capabilities of a security analytics solution typically include:
Robust data collection and fusion – the ability to collect and analyze inputs from massive volumes of
diverse data sources.
Flexible investigative analytics that work well across diverse use cases, such as anomaly detection that
can be applied to IT systems, financial transactions, the activities of individuals and organizations, and
more.
Fine-grained permissions model that lets security organizations keep sensitive data walled off and
control who sees what based on security clearances.
Investigation and case management workflows.
Visualization/search/analytical tools to answer complex questions such as: