Case Study #23-2: IoT Device Management

SecurIoT – Internet of Things Device Management Across Threat Landscapes

The Visual Action Platform was utilized to construct SecurIoT, a launchpad for device management applications in environments ranging from domestic network control centers to foreign hostile environments.

Built for operational monitoring of Internet of Things devices, SecurIoT features a Flaremap with each cell representing a specific device. The devices are grouped by location, either by geographic position or by location within a site. The cells are sized by an indicator of importance, such as the amount of traffic or criticality to operation, driving key devices to the upper left. Finally, cell color represents a device’s composite “risk status” – used to indicate anomalies in device operation, some resulting from malicious activity and others from more benign failure. Powering this detection is the Visual Action Logic Layer, which analyzes direct status communications from the IoT devices and which also tracks historical patterns to identify deviations from normality. When the Logic Layer detects an anomaly, the cell is flagged red. For example, a telecom provider using the SecurIoT application for network management may see a large cell flash red, immediately prompting further analysis given the criticality of the equipment and its lack of routine function.

SecurIoT – An Operational Interface Built for Infrastructure Threat Remediation

The resulting analysis takes place within a set of Workflow Extensions specifically chosen to mirror the user's preferred investigation path. Geographic Workflow Extensions follow along with the navigation of the Flaremap, reflecting the exact location of selected devices. Device readouts show communication from devices, whether network traffic or specific device-triggered communications. Initial issue analysis reports are displayed, providing insight into the cause of the anomaly that triggered the red flag. Supplemental information about the current industry landscape and activity is also brought in to keep analysts apprised of developments that may be relevant to their operations or current issues.

Once the user is satisfied that the flagged device presents a risk worth escalating, they can choose to quarantine the device, which moves the associated cell into a Quarantine Zone. From there, they are able to take actions to resolve the issue, such as communicating with response teams or initiating remote access to either disable or take other action on a specific device. This functionality can spare teams from going out into the field, which is particularly critical when working in hostile environments where an anomaly may be the result of malicious activity.

Within this workflow, users are able to identify, investigate, and remediate device issues, all within an interface tuned to allow this process to be performed as quickly as possible.

This example showcases how the Visual Action Platform delivers operational visualization, driving unmatched value for an organization's processes.
