Revolutionise your threat investigations

Increase your investigative power with advanced AI tools

Labyrinth for Threat Investigations

Advanced threat investigations with AI-powered data fusion, analytics, graphing, visualisation, knowledge and insights

Comprehensive Enterprise Threat Investigations

Labyrinth for Threat Investigations (LTI) is designed to help organisations with the complex challenge of mitigating both physical and cyber threats, from internal and external sources. Using data fusion, it provides a comprehensive, enterprise-wide approach to threat exploration at scale.

Threat intelligence

Quickly expose the impact of malicious activity, using automation to build connections across local and remote data sources and your derived knowledge store.

Threat hunting

Proactively identify early threat indicators against your network or corporate security, and share intelligence with colleagues and partners.

Incident response

Respond to cyber and physical threats in real-time, using a single view of risk and intelligence to understand potential impact.

Strategic analysis and forecasting

Going far beyond standard tactical analysis, LTI provides you with detailed, actionable intelligence based on trend and pattern analysis, to aid forecasting and long-term planning.

Threat intelligence

Quickly expose the impact of malicious activity, using automation to build connections across local and remote data sources and your derived knowledge store.

Threat hunting

Proactively identify early threat indicators against your network or corporate security, and share intelligence with colleagues and partners.

Incident response

Respond to cyber and physical threats in real-time, using a single view of risk and intelligence to understand potential impact.

Strategic analysis and forecasting

Going far beyond standard tactical analysis, LTI provides you with detailed, actionable intelligence based on trend and pattern analysis, to aid forecasting and long-term planning.

“It is essential to have an approach that addresses all threats - not just cyber.”

Head of Threat Investigations, Major Tech Company

AWS Cloud

Ripjar is partnered with AWS Security Lake to provide scalable, flexible, secure threat investigations in the cloud, integrating rich internal and external data. Realise your security plans earlier with a fully managed solution.

Flexible Data Fusion

LTI is designed for organisations wanting more than an off-the-shelf TIP or SOAR. It provides maximum flexibility and strategic intelligence on top of tactical and operational threat analysis.

Flexible data sources

LTI's extensible schema and built-in developer stack makes it simple to add integration to hundreds of data sources. The data store provides strict audit capabilities along with traceability and timeline viewing.

Flexbible data sources image

Holistic picture of risk

Gain a holistic picture of risk by fusing data from multiple structured and unstructured sources from both inside and outside of your organisation, and extract value from previously underutilised datasets.

Holistic picture of risk

Integrations

LTI provides integrations to major data providers and security monitoring systems as standard, including HYAS, Recorded Future, DomainTools and AWS Security Lake.

Integration image

Compatibility

LTI is built on the Open Cybersecurity Schema Framework (OCSF), which simplifies collaboration on data elements. The platform is also compatible with commonly used standards such as STIX, TAXII and MITRE ATT&CK.

Compatibility image

Flexible data sources

LTI's extensible schema and built-in developer stack makes it simple to add integration to hundreds of data sources. The data store provides strict audit capabilities along with traceability and timeline viewing.

Holistic picture of risk

Gain a holistic picture of risk by fusing data from multiple structured and unstructured sources from both inside and outside of your organisation, and extract value from previously underutilised datasets.

Integrations

LTI provides integrations to major data providers and security monitoring systems as standard, including HYAS, Recorded Future, DomainTools and AWS Security Lake.

Compatibility

LTI is built on the Open Cybersecurity Schema Framework (OCSF), which simplifies collaboration on data elements. The platform is also compatible with commonly used standards such as STIX, TAXII and MITRE ATT&CK.

Powerful Investigations

With its industry-leading platform and advanced analytics, LTI provides everything you need to undertake in-depth investigations. Use Labyrinth's powerful search to retrieve data from across local and remote sources, and follow connections to discover underlying links.

Powerful Investigations

With its industry-leading platform and advanced analytics, LTI provides everything you need to undertake in-depth investigations. Use Labyrinth's powerful search to retrieve data from across local and remote sources, and follow connections to discover underlying links.

Entity extraction

Gain unparalleled understanding of your data with comprehensive, AI-powered entity extraction and classification across your unstructured documents and reports.

Knowledge management

Annotate findings from your investigations directly on top of fused data sources, with full lineage back to underlying data. Collate and record intelligence in a vetted organisational knowledge graph to support smarter decision-making and aid future investigations.

Data visualisation

Use maps, histograms, timelines, topic visualisations, hypergraphs and integrations to interpret data in context, segmenting information logically, geographically and by time-slice.

Scalable platform

LTI can scale to meet data volume challenges and increasing user numbers. For example, the graph visualisation is built with scale in mind, and can accommodate 500k+ nodes.

Powerful Investigations

With its industry-leading platform and advanced analytics, LTI provides everything you need to undertake powerful investigations. Use Labyrinth's powerful search to retrieve data from across local and remote sources, and follow connections to discover underlying links.

Entity extraction

Gain unparalleled understanding of your data with comprehensive entity extraction and classification across unstructured documents and reports. Record intelligence in a vetted organisational knowledge graph to be used in future investigations.

Entity extraction image

Knowledge management

Annotate findings from your investigations directly on top of fused data sources, with full lineage back to underlying data, while collating a functional knowledge layer to support smarter decisions and investigations.

Knowledge management image

Data visualisation

Use maps, histograms, timelines, topic visualisations, hypergraphs and integrations to interpret data in context, segmenting information logically, geographically and by time-slice.

Data visualisation image

Scalable platform

LTI can scale to meet data volume challenges and increasing user numbers. For example, the graph visualisation is built with scale in mind, and can accommodate 500k+ nodes.

Scalable platform image

“Labyrinth is a really great platform to do analytic work in. It also has much greater knowledge capability compared to other platforms and provides us with vital forecasting ability.”

Head of Threat Investigations, Fortune 500 Tech Company

Flexible Workflow and Automation

Out of the box, Labyrinth for Threat Investigations comes with several cyber threat intelligence workflows that can help you detect and assess indicators of compromise and associated risks.

Customisable workflows

Automate investigative steps by designing and executing fully customisable threat-hunting and investigative workflows to suit your exact requirements. Workflows can also be used to build new user interface capabilities and integrations to other tools in your environment.

Developer tools

The platform can be evolved by your team to expand sources, write new applications, customise analytics and automate investigative processes to keep up with evolving requirements. Developers can work directly in the platform or by using the VSCode plugin.

Built-In Security

Ripjar's security model has been developed to suit the most complex environments containing mixed classification documents, and the platform is capable of meeting even the strictest national security requirements.

Attribute-based security

Alongside standard approaches such as TLP, security markings can be applied to align with your required security controls, while enabling analysts to access permitted information in a fully audited environment.

Request a Demo

Ready to get started?
Request a Demo