Cyber Security

Stop processing alerts. Start detecting threats. Revolutionize your cyber security operations and protect your enterprise with Palantir.

How do you defend your enterprise from unknown cyber threats?

Cyber security teams today typically use multiple endpoint solutions to protect their enterprises from common cyber threats. Each tool generates alerts based on a particular kind of suspicious activity. But none of these tools is equipped to detect sophisticated, adaptive attacks—the kind of attacks that target the world's largest and most critical institutions on a daily basis.

With Palantir, your enterprise can finally detect advanced threats that lie hidden within your data. All of it. Structured network logs from proxy to IDS, VPN, anti-virus, DLP, DNS queries, malware tools, and application logs. Contextual data like email, print logs, facility access logs, internal chat logs, and human resources data. Open source and third party data. Our technology integrates it all into a single environment, and separates actionable signal from the noise so you can protect your network.

Interact with all the relevant data at scale

Palantir’s pre-built, out-of-the-box integration pipelines integrate key data sources into a distributed data store that enables sub-second querying of trillions of records at petabyte scale. Within days of deploying the product, all integrated data is available for automated correlation against threat detection algorithms as well as user-driven querying and analysis.

Discover sophisticated attack patterns in your data

With the data in place, algorithms comb through multiple data sources to detect anomalous patterns or otherwise suspicious activity on your network. The resulting cases are ranked by relevance and presented to the user. An analyst can triage these cases and then drill down on any particular anomaly to investigate it further. The algorithms improve over time as investigations are closed and new information emerges.

Conduct forensic investigations of suspicious incidents

Analysts can investigate incidents across multiple dimensions within a single workspace. Discover connections between seemingly unrelated events, map hostile activity based on origin, and identify critical vulnerabilities across enterprise systems and networks. Analysts can rapidly pivot from threat detection to response and mitigation, streamlining cyber security workflows.

Reinforce enterprise defenses over time

Palantir provides a richly collaborative environment in which analysts can employ successful investigative strategies developed by their peers. Analysts can also track how cyber threats change over time and preemptively mitigate threats they have seen before. Security teams can pivot from passive alert processing to proactive threat detection and counter-intelligence.

Recognizing that commercial institutions face a shared set of cyber threats, we created a platform for secure information sharing across organizational boundaries. We call it the Cybermesh. Drawing on successful collaborative models that we have implemented within the defense and intelligence communities, the Cybermesh enables secure peer-to-peer sharing between enterprises with automatic redaction of sensitive data. By letting organizations leverage the subject matter expertise of Palantir engineers and insights from peer institutions, the Cybermesh enables enterprises to strengthen their defenses over time.