NEW PRESS RELEASE: SOD Awarded $2.2 M Grant to Further Develop AQ Technology

Analyzing All the Data, All the Time

AQ Technology™

SOD’s ground-breaking AQ Technology™ is based on Rough Set mathematics and 3 different Artificial Intelligence models. AQ Technology™ is a data analytics engine that sits between the data lake and the application and provides analysis of indicators 100+ times faster than querying the database directly.

“Security On-Demand is the only MSSP/MDR company in the world that utilizes AQ Technology.  With over 7 patents, SOD has raised the bar for every competitor in the managed security services industry.”

Because of the speed and performance, AQ Technology can analyze all of the log data, without data reduction, normalization, or elimination of potential threat indicators.   This allows Security On-Demand to find threats and indicators that would otherwise be dropped from the data set based on the overwhelming volume of data.

Using AQ Technology in Threat Detection

The benefits of Security On-Demand’s AQ Technology are disruptive compared with current industry approaches.  AQ Technology provides the following benefits:

  • Enhances Machine Learning Models
  • Eliminates the need to perform data reduction
  • Significantly enhances the time to detection
  • Lowers the labor cost of false positives
  • Increases the percentage of threats detected
  • Know what is in the data set (or data lake) before we search for it
  • Eliminate the need to sample the data to know what’s in it
  • Eliminate the need to extract data sets into elastic search to hunt for data
  • Conduct broad searches for threat indicators across large data sets not previously possible
  • Conduct a series of Machine Learning Automated database queries to hunt for threat indicators

Threat Detection on a Massive Scale

When it comes to finding threats – speed to detection is key – that’s where AQ Technology™ leads the way.

A New, Patented Approach to Threat Analytics

Patented AQ Technology™ powers AI breakthroughs in advanced threat detection

Rapid Analysis of Threat Data

We can find advanced threats 10 to 100 times faster and more accurately than a SIEM or 3rd Generation system

AQ Technology – “Fishing in Data Lakes”

Data lakes are populated with various log data and a mathematical model is built of all the data in each lake called a Data Abstraction Layer (DAL). The DAL acts as a kind of “fish finder” – it knows if the “fish” are in the data lake and what the characteristics are. When using iterative queries (such as in cybersecurity), knowing what data is there shapes what questions we ask. After query refinement reduces the data set, we use exact queries to drill further.

Case Study: How AQ Technology™ proved its worth when the famous “WannaCry” Ransomware attack occurred throughout the world in May of 2017.

  • One of the threat indicators that helped SOD identify whether a client was infected, or about to be infected, was significant traffic activity on Port 445.
  • Because of the large data volumes being collected (over 16-20 billion events per day), it would normally be a daunting task to query approximately 30 days of historical data (about a petabyte) in order to receive the results.
  • Using SOD’s new ThreatWatch platform based on “AQ” data analytics technology, the query was performed in under 19 minutes.
  • By comparison, querying the same indicators on a normal database would have taken over approximately 3.5 days for a single indicator.

This revolution in query performance (previously known as superscale analytics) will change the game with the ability to query threat indicators at a level unprecedented in the industry, and it is still only in its infancy as new extensions to AQ Technology™ are being discovered.