P3 Cyber Assist - AI for Logs

P3 Cyber Assist applies the P3 Lake  architecture to enterprise cyber log data, creating a cost-optimized and AI-ready cyber log environment. P3 Cyber Assist delivers an authoritative cyber data repository that includes storage, management, and analytic capabilities for enterprise-wide cyber security event data and meets Executive Order (EO) requirements for log storage and retention. P3 Cyber Assist uses cloud hosted services and cloud-based cyber event log collection, reducing the costs for data storage and SIEM tool licensing. P3 Cyber Assist is flexible and can provide a Data Lake in AWS, or multiple Data Lakes in a multi-cloud environment, to address evolving mission and business requirements. The solution works along-side existing SIEM tools (such as Splunk) and can connect to on-premises and multiple cloud providers, with multiple data intake methods enabled by serverless cloud services such as AWS Lambda Apps for API and file copy calls to pull data from different monitoring and log collection sources. P3 Cyber Assist creates curated data tables for Bronze, Silver, and Gold data and uses organizational and enterprise risk management policies to intelligently promote selected logs to the enterprise SIEM. P3 Cyber Assist includes P3 Data Govern  providing analysts and data scientists with self-service access to logs and telemetry through a cyber security data catalog. Standardizing and democratizing data to this level allows teams to freely access relevant data during time sensitive events. P3 Cyber Assist leverages analytics platforms like Databricks or native AWS services such as Amazon OpenSearch Service and Amazon SageMaker to enable Artificial Intelligence (AI) searches on data within Data Lakes on multiple clouds, improving detection and response timelines and event correlation. In addition to licensing, storage, and virtual machine cost savings, the solution meets the current presidential Executive Order (EO) requirement for log storage and retention.