At its core, the unified device feature creates a single, cohesive view of each device or host across all your integrations. It’s not just about consolidating data; it’s about transforming it into something actionable and reliable. Here’s how:
- Incremental Data Modeling
- Each device or host is modeled as a unified entity, adhering to a strict data model for clarity and consistency.
- Correlation Rules with Weighted Attributes
- Devices are unified based on properties like serial numbers, hostnames, and IP addresses.
- A weighted scoring system ensures unifications occur only when correlations meet a strong threshold, preventing over-merging.
- Self-Healing and Customization
- The system self-corrects errors in unification and supports customization. While customization is available, it’s guided by best practices to avoid common pitfalls like over-unification.
Making Data Intuitive: The Enhanced Matrix View
We understand that visualizing complex relationships can be daunting. That’s why unified device includes an intuitive presentation layer:
- Matrix View: Imagine a spreadsheet, but smarter. This familiar interface allows you to filter and drill down into specific device attributes, such as operating system types and last-seen dates.
- Heatmaps and Correlation Strengths: These visual tools highlight why devices are correlated, helping you quickly understand the logic behind the unification.
- Consistent Normalization: OS versions are intelligently normalized, ensuring uniformity across integrations and reducing manual work.
Why It Matters
Unified devices empowers security teams to:
- Move beyond "What assets do we have?" to "How are our assets connected and potentially vulnerable?"
- Resolve integration challenges with confidence, ensuring accurate device representations across sources.
- Present clear, actionable insights to stakeholders, bridging technical analysis with strategic goals.
The unified device feature blends familiar list-based workflows with the power of graphs, the system equips defenders to think like attackers, staying one step ahead. And as we refine this approach, customer feedback will remain at the heart of our evolution.
So, whether you’re troubleshooting integration issues or exploring new ways to secure your environment, unified device is here to simplify the complex.
