Solution Architecture

Data from endpoints, applications, servers and other security devices are ingested into LinkShadow in the form of logs collected from the SIEM, data from Active Directory and the Netflow from the Core Switch. This data is then aggregated and processed through machine learning algorithms which profile users and entities providing each with a threat score. This score alerts the analyst allowing them to focus on the most risky users and assets. The LinkShadow appliance allows flagged assets and users to be reported to the SIEM or via reports which can be shared with Top Management.

LinkShadow Architecture