
ICF and Elastic: Bringing next-gen cyber analytics to clients

May 30, 2019

ICF is collaborating with Elastic, the company behind Elasticsearch and the Elastic Stack, to bring clients cost-effective solutions to organize, analyze and visualize their big cyber data. Elastic offers some of the fastest-growing open source tools in the federal cyber market, and we’re one of the largest service providers to employ those tools and their proprietary capabilities.

The right tool for complex analyses

As organizations onboard new cyber capabilities, the volume of data continues to increase exponentially. This makes log analysis—the process of analyzing computer-generated records to actively mitigate risks—more critical than ever. Plus, as more and more organizations move to the cloud, log analysis is often the only means of providing full visibility into their IT environment.

In recognizing the need for increased big data processing and log analysis, we searched for a robust set of tools to meet the growing needs of our clients. We found those tools in the Elastic Stack, the open source products built by Elastic and designed to help reliably and securely take data from any source, in any format, and search, analyze and visualize it in real time.

Unlocking patterns for critical cyber intelligence

With the Elastic Stack capability and its user-friendly interface, ICF’s cyber experts can readily unlock key information and patterns buried in client data and help identify critical mission intelligence within. We work with each client to understand their environment and requirements, then build scalable solutions customized to meet their specific needs, adding value and ensuring client satisfaction.

“ICF was an early adopter in the federal space. They are building on top of the Elastic Stack’s speed, scale and relevance to create unique defensive cyber capabilities that support the mission requirements for the U.S. Department of Defense,” said George Young, area vice president, U.S. public sector at Elastic. “We’re excited to strengthen our long-standing collaborative relationship to bring both new and existing customers next-generation capabilities for advanced cyber analysis.”

The Elastic Stack offers compatibility, flexibility, performance, analysis and visualization capabilities. Its powerful features include machine learning, log analytics, full-text search and dynamic queries, which enable enhanced data mining and operational intelligence for structured and unstructured data.

More than data logging

ICF cyber experts leverage the components of the Elastic Stack—Elasticsearch, Logstash, Kibana, Beats—to benefit clients. We also deploy powerful proprietary features such as security, monitoring, alerting and machine learning to enhance search, logging, security and analytics use cases. These capabilities enable significant noise filtering for massive amounts of data, helping analysts quickly identify and proactively hunt cyber threats.

“Elastic enables us to provide next-gen capabilities for insider threat detection, search, monitoring and threat analysis for all of our customer markets—federal, defense, critical infrastructure, commercial and academia,” said Jonathan Sholtis, senior vice president for cybersecurity at ICF. “Clients expect the most cost-effective, cutting-edge cyber defense solutions and our collaboration with Elastic Stack enables us to deliver and exceed our customers’ needs.”