Revolutionise your threat investigations
Labyrinth for Threat Investigations
Advanced threat investigations with AI-powered data fusion, analytics, graphing, visualisation, knowledge and insights
Comprehensive Enterprise Threat Investigations
Labyrinth for Threat Investigations (LTI) is designed to help organisations with the complex challenge of mitigating both physical and cyber threats, from internal and external sources. Using data fusion, it provides a comprehensive, enterprise-wide approach to threat exploration at scale.
Threat intelligence
Quickly expose the impact of malicious activity, using automation to build connections across local and remote data sources and your derived knowledge store.
Threat hunting
Proactively identify early threat indicators against your network or corporate security, and share intelligence with colleagues and partners.
Incident response
Respond to cyber and physical threats in real-time, using a single view of risk and intelligence to understand potential impact.
Strategic analysis and forecasting
Going far beyond standard tactical analysis, LTI provides you with detailed, actionable intelligence based on trend and pattern analysis, to aid forecasting and long-term planning.
“It is essential to have an approach that addresses all threats - not just cyber.”
Head of Threat Investigations, Major Tech Company
AWS Cloud
Ripjar is partnered with AWS Security Lake to provide scalable, flexible, secure threat investigations in the cloud, integrating rich internal and external data. Realise your security plans earlier with a fully managed solution.
Flexible Data Fusion
LTI is designed for organisations wanting more than an off-the-shelf TIP or SOAR. It provides maximum flexibility and strategic intelligence on top of tactical and operational threat analysis.
Flexible data sources
LTI's extensible schema and built-in developer stack makes it simple to add integration to hundreds of data sources. The data store provides strict audit capabilities along with traceability and timeline viewing.
Holistic picture of risk
Gain a holistic picture of risk by fusing data from multiple structured and unstructured sources from both inside and outside of your organisation, and extract value from previously underutilised datasets.
Integrations
LTI provides integrations to major data providers and security monitoring systems as standard, including HYAS, Recorded Future, DomainTools and AWS Security Lake.
Compatibility
LTI is built on the Open Cybersecurity Schema Framework (OCSF), which simplifies collaboration on data elements. The platform is also compatible with commonly used standards such as STIX, TAXII and MITRE ATT&CK.
Flexible data sources
LTI's extensible schema and built-in developer stack makes it simple to add integration to hundreds of data sources. The data store provides strict audit capabilities along with traceability and timeline viewing.
Holistic picture of risk
Gain a holistic picture of risk by fusing data from multiple structured and unstructured sources from both inside and outside of your organisation, and extract value from previously underutilised datasets.
Integrations
LTI provides integrations to major data providers and security monitoring systems as standard, including HYAS, Recorded Future, DomainTools and AWS Security Lake.
Compatibility
LTI is built on the Open Cybersecurity Schema Framework (OCSF), which simplifies collaboration on data elements. The platform is also compatible with commonly used standards such as STIX, TAXII and MITRE ATT&CK.
Powerful Investigations
With its industry-leading platform and advanced analytics, LTI provides everything you need to undertake powerful investigations. Use Labyrinth's powerful search to retrieve data from across local and remote sources, and follow connections to discover underlying links.
Request a DemoEntity extraction
Gain unparalleled understanding of your data with comprehensive, AI-powered entity extraction and classification across your unstructured documents and reports.
Knowledge management
Annotate findings from your investigations directly on top of fused data sources, with full lineage back to underlying data. Collate and record intelligence in a vetted organisational knowledge graph to support smarter decision-making and aid future investigations.
Data visualisation
Use maps, histograms, timelines, topic visualisations, hypergraphs and integrations to interpret data in context, segmenting information logically, geographically and by time-slice.
Scalable platform
LTI can scale to meet data volume challenges and increasing user numbers. For example, the graph visualisation is built with scale in mind, and can accommodate 500k+ nodes.
“Labyrinth is a really great platform to do analytic work in. It also has much greater knowledge capability compared to other platforms and provides us with vital forecasting ability.”
Head of Threat Investigations, Fortune 500 Tech Company
Flexible Workflow and Automation
Out of the box, Labyrinth for Threat Investigations comes with several cyber threat intelligence workflows that can help you detect and assess indicators of compromise and associated risks.
Customisable workflows
Automate investigative steps by designing and executing fully customisable threat-hunting and investigative workflows to suit your exact requirements. Workflows can also be used to build new user interface capabilities and integrations to other tools in your environment.
Developer tools
The platform can be evolved by your team to expand sources, write new applications, customise analytics and automate investigative processes to keep up with evolving requirements. Developers can work directly in the platform or by using the VSCode plugin.
Built-In Security
Ripjar's security model has been developed to suit the most complex environments containing mixed classification documents, and the platform is capable of meeting even the strictest national security requirements.
Attribute-based security
Alongside standard approaches such as TLP, security markings can be applied to align with your required security controls, while enabling analysts to access permitted information in a fully audited environment.
Request a Demo