Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on demand, all with unlimited data collection and retention. Ingest everything. Investigate anything.
Gravwell's co-founder, Corey Thuen, was interviewed on ITProTV Technado episode 169. Discussion topics included the Big Bang 4.0 release, data fusion platform use cases, and the many benefits of the quarantine beard.
"Sculpt with your data"; "Ingest first, ask questions later" ~Corey Thuen, Gravwell CEO
"I've used it to harvest egress data to identify anomalies so I can see if data is being exfiltrated. I've used it to analyze denial of service traffic to be able to recognize a pattern to help with filtering on firewalls ... even simple things like just aggregating log data using it as a centralized location for syslogs, which is not really what it's intended for but it does a good job at, so it's a really powerful program." "The biggest benefit it has is ... similar products like this, like if you want to stand up an ELK stack, it takes forever and it takes a lot of different components, but with Gravwell ... you can have it up and running in a matter of minutes and be ingesting data before you know it. It's just a really awesome product all in all." ~Don Pezet, Technado host