How It Works

Echo is a multi-node, container based Cybersecurity data platform that helps enterprises gain a full 360 insight into their Cybersecurity health status. Echo ships in different flavors and distributions to support the unique requirements of today's enterprise security best-practices.

Best-in-class data infrastructure

Echo is built on top of the Elastic Stack, an open-source datastore designed to cope with very high data velocity while serving high query workloads.

Having a best-in-class data infrastructure allows Echo to focus on tailoring use-cases for today's Cybersecurity demands.

Event-Driven

Echo's powerful and flexible Data Streams allow enterprises to react quickly to Cybersecurity incidents and events as they arrive. Each event follows a custom-tailored ruleset to allow searching, alerts, visualizing and enforcment of policies.

Echo's programmatic API interface allows in-house and legacy systems to easily send and receive events and data, this allows enterprises to further integrate Echo and leverage its benefits.

Hyperscale

Echo is a stack of components working together to provide a coherent and concise user experience. Built on top of Container leading technology, scaling Echo is as simple as running a single command in an operator's console.

Having an easy to scale platform allows Echo to grow alongside the enterprise and as more data requirements are added, a larger scale can easily be reached.

  $ ./echoctl ps | grep parser

  CONTAINER ID        IMAGE                           STATUS
  a90c6e6c41cd        joola/echo-parser-cef:dev       Up 3 months
  ad070b153b89        joola/echo-parser-cef:dev       Up 3 months

  $ ./echoctl scale up parser=4
  # We now have 8 parsers running across nodes

  a90c6e6c41cd        joola/echo-parser-cef:dev       Up 3 months
  ad070b153b89        joola/echo-parser-cef:dev       Up 3 months
  35632f6516d0        joola/echo-parser-cef:dev       Up 3 months
  c1240e9a1c56        joola/echo-parser-cef:dev       Up 3 months

Data Retention Policies

Echo's data retention policies allow enterprises to categorize incoming data into streams and later assign each with its own custom data retention life-cycle management, such as: cold store, archive, deletion and forwarding to other big-data systems.

Data Retention Policy ensures Echo has high availability by preventing an out-of-storage events while making sure that most valuable and relevant data remains available in the system.

Enterprise Ready

Echo's data retention policies allow enterprises to categorize incoming data into streams and later assign each with its own custom data retention life-cycle management, such as: cold store, archive, deletion and forwarding to other big-data systems.

Data Retention Policy ensures Echo has high availability by preventing an out-of-storage events while making sure that most valuable and relevant data remains available in the system.