
Our Journey from Homeland Security to Actionable Log Analytics

  • Ariel Assaraf
  • April 15, 2015

5 years ago, when I finished my Army service at the IDF 8200 intelligence unit, it was clear to me that my future is in the world of intelligence and cyber. It was only natural for me to start my first job at a successful Homeland security firm.

Although my service prepared me quite well for this market, it was only when I was working for a global company that I was introduced to the 3 ground rules for success in the world of Intelligence and Cyber:

1) Recognize the routine and identify abnormal behavior

2) Provide real-time insights

3) Give the user the data he needs to take action

One word that was particularly emphasized was “Actionable”. We were always instructed to think of methodologies which will not just present our customers with the data we collect, but rather provide the information they need in order to take action; this is a must in the world of intelligence and cyber security because a quick response to events is crucial for success.

A large part of my 4 years in that firm was spent on software debugging and endless log reading, hoping to find what I was looking for – that needle in a haystack.

One day I had lunch with a friend from work who was the company’s Tech & Innovation Leader. We talked about how much time we spend on this exhausting and inefficient process and how there is no viable solution out there. My friend then smiled and said that we should meet after work because he has something in mind he thinks I will like.

When we started talking about Coralogix’ solution, it was quite different than what it is today. But 3 main rules have always led us:

1) Recognize the routine and identify abnormal behavior

2) Provide real-time insights

3) Give the user the data he needs in order to take action

In other words, we decided to bring the intelligence and cyber methodologies into the world of Log Analytics and provide Actionable insights that will allow software companies to not only retrieve their data and analyze it, but also to take action and proactively monitor their systems.

But what seemed simple at the time was and still is a huge challenge, since log data is nothing like network traffic: each log entry has its own individual style that varies by the way a certain developer expresses himself. We found that the algorithms and methodologies we knew from the cyber world were not sufficient in order to bring the value our customers need.

After a few weeks of investigations we ran out of solutions and started to re-think our concept of simply applying cyber algorithms on software logs. We understood that we would need to tackle the problem from a different angle and, by pure chance, we found just the right guy for the job – our neuroscientist friend (who was also my roommate back then). He offered a whole new perspective on the problem that comes from the world of protein sequencing. This approach allowed us to overcome the challenges log data presents, and push our anomaly detection model back to the world of cyber security.

Since then, 3 more IDF 8200 intelligence unit veterans joined Coralogix and helped us make our dream a reality: a scalable Log Analytics platform that can connect to any software, collect all log types (regardless of their content), learn the system’s normal flows, automatically detect anomalies, and provide their root cause and actionable solution. Coralogix is now changing the way companies perform their software maintenance and delivery and will be out on the market once we finish connecting to the first 30 businesses that have already registered to our Beta version.

To sign up for our Beta version and be one of the first to enjoy Coralogix’ Actionable Log Analytics solution, just click on the “Join the Beta” button above and become a part of a global movement that is shifting towards actionable and meaningful results in the world of DevOps & Log Analytics.
