Network monitoring system for cyber security consultancy
Cybersecurity company Countersight wanted a cutting-edge network security solution that would be affordable even for a small business budget. The core functionalities were: rule configuration for network anomaly detection, real-time user alerting, as well as automated analysis for taking immediate actions.
We developed a user-oriented solution that can be used by any generalist IT practitioner with no prior security background. Our web development services enabled Countersight to not only use the platform for their own clients, but also to fulfill their vision of successfully launching this innovative product on the market.
ABOUT THE CLIENT
Countersight is a cyber-security company that provides consultancy and agile network monitoring for anomaly detection and alerting.
They are proud to have been selected by DCMS to feature in the CyberUK 2018 Innovation zone, and you can also find them on the Cyber Exchange.
https://countersight.co
Countersight needed to convert their internal procedures into a market-ready web based application to collect information from the network, organize it into a standardized format, and make it available for high-volume searching, alerting, and data correlation.
Their purpose was to detect malicious activity, while also providing long-term retention of critical information, to enable effective incident response in the case of a breach.
The digital product had to be cutting-edge, affordable, and accessible even for smaller companies, so that Countersight could use it for their clients as well as sell it as an individual product.
We started with business and requirements analysis, following which we began developing a lightweight network security monitoring application, designed to be used by generalist IT practitioners with no security background.
Kibana and Elasticsearch-based app development
The client’s platform was built using Elasticsearch and its visual plug-in, Kibana.
Elasticsearch is an open-source technology that can aggregate large amounts of data, returning results in the blink of an eye. Its visual plug-in, Kibana, allows users to manipulate the data and present it in different formats.
We also worked on improving Kibana’s interface, for better user experience and to make it as intuitive as possible for any type of user.
Rule configuration for anomaly, incident and threat detection
Real-time network monitoring and user alerting
Automated analysis for taking immediate corrective actions
One of the key features we implemented and constantly improved is alerting, allowing real-time notification and automated analysis on activities of interest.
It uses ElastAlert for personalized rule configuration (e.g. detecting changes in traffic volume, blacklist-based alerting, etc.) and a Kibana plugin for graphical visualization, making it a user-friendly yet security-tight environment.
We built the plug-ins using Angular.js and React for the front end and Node.js for the back end.
Our complementary services helped our client develop the product beyond a highly technical in-house tool used to support their consultancy practice.
It became market-ready, user-oriented software, effectively emerging as an affordable solution for tech companies' network security needs.
By working with our developers, Countersight was able to implement their vision of providing cutting-edge cyber-security services to businesses of all sizes.