How to visualize virtual cloud network communications in a meaningful manner for end-users, enabling him/her to pinpoint problems immediately?

How to offer contextual suggestions to eliminate the threats?

How to enable end-user to look through suspicious activities in a cloud network’s communication history -within a user-defined time range and be able to act upon those threats right away?

How to manage pre-canned solutions to eliminate reoccurring typical threats?

How to choose/apply those pre-canned solutions when a threat is detected?

How to manage multiple, monitored Virtual Private Clouds within the application?

How add a new VPC to the system?

How to manage, add new or disable existing data source to an existing, already ingested VPC?

And a lot more unclear questions and problems…

Logotype “PackMan” concept.

The app is eating up all the malicious threats… 

Branded front page with simple sequential login to access the application.

Application Status / Performance Overview Screen

Contains a list of affected networks currently ingested by the system. Users can launch a VPC for analysis/remediation from the prioritized list.

After log in, a user would land on the last opened graph if wasn’t closed or if there was any.

Tab selected screen where User can choose if wants to address new high priority threats or continue monitoring graphs previously worked on.

Also can add a new VPC to be monitored.

The right-hand side panel displays performance-related statistical data and high-priority threats detected.

Application Menu for a selected VPC Network Graph.

Add / Manage Datasources current used by the selected Virtual Private Cloud.

Modal Panel to manage Datasources. 

Add/enable/disable Datasources used by the currently selected Virtual Private Cloud.

By either selecting the “Threats” tab in the right-hand side panel or clicking on a compromised “Node” within the graph, the user can start the remediation process for the affected network.

In the right-side panel, chronologically all detected threats are listed. Clicking on a threat will initiate threat elimination.

Using the timeline below the graph, users can jump to any called out “Suspicious Activity”

In time within the displayed time range.

After the user selected a particular threat to remediate, suggested actions “PlayBooks” and threat details displayed in the panel.

Users can navigate back to the full threat list if needed.

Selecting a suggested action will offer subsequent options to remediate the threat.

Users can choose to either “Run” or “Test” the effect of the selected PlayBook to see if it will achieve the desired results.

If PlayBook is tested the graph will visually display the effects on the graph.

In this example, the PlayBook is tested before the user commits to run it.

After PlayBook is tested, the user can read the list of eliminated threats and the remaining threats. in the panel. The operator can also see the PlayBooks effect visualized on the network graph.

She/He has the choice to run the PlayBook or to go back to the chronological list of threats.