Meridian is a Data Fabric platform for security data that discovers every asset, every account, and every user, classifies newly discovered data, and calculates risk so you can be better prepared.
Meridian is SaaS-based and requires minimal configuration or maintenance for customers.
Meridian ingests read-only data from IT, operations, security, and HR solutions, and structured and unstructured data from data lakes.
After Meridian ingests data from your environment, Meridian uses graph data, machine learning, and predictive analytics to detect and classify all assets and users, even those not detected by the solutions in your environment.
The Meridian platform enables security, IT, and other teams to:
-
Discover and describe previous unknowns — assets, users, data
-
Identify risks such as unmanaged assets, unmanaged users, missing agents, outdated OS, expired certificates, and more
-
Develop unique insights from de-duped and triangulated tech stack information
-
Manage IT assets and vulnerability
-
Enhance data security
-
Manage user onboarding and offboarding
-
Accelerate alert triage, incident response, investigation, and remediation
-
Meet compliance requirements
-
Classify unstructured file information to help manage data access
-
Ensure consistent versioning and upgrade
Configuration #
Meridian is SaaS-based and requires minimal configuration or maintenance for customers.
Assets, Users, Data, Vulnerabilities, and Risk #
Meridian discovers all assets, users, data, and vulnerabilities and uses these inputs to calculate risk.
-
Asset. An entity that stores, transmits, or processes data, including laptops, workstations, servers, virtual machines, cloud instances, docker containers, and more.
-
User. An entity that is authenticated into the enterprise environment (logs in) and can access assets. Users include active directory users, VPN users, MFA users, Intune users, IAM and cloud IAM users, and more.
-
Data. An entity that is identified and associated with a certain data category (by department) and data classification. Meridian data classifications, in ascending order from least risk to most risk, are: public (lowest risk), private, confidential, restricted (highest risk). For example, one user may be accessing confidential product source code, or one asset may be storing restricted PCI data.
-
Vulnerabilities. Meridian uses publicly available databases to monitor and discover Common Vulnerabilities and Exposures (CVEs) and Know Exploited Vulnerabilities (KEVs) in your environment. CVEs and KEVs are publicly disclosed security flaws.
-
Risk. Meridian includes multiple risk measurements for assets and users. You can use these risk measurements to prioritize assets and users that require analysis and possible mitigation.
Connectors #
Connectors enable Meridian to ingest read-only data from your environment and discover, identify, and classify assets, data, and users.
Meridian includes pre-built connectors for the most commonly used solutions for security, vulnerability scanning, cloud, data warehouse, identity management, logs, network, endpoint management, IP management, file sharing, and devops.
The current list of Connectors reflects all the Connectors currently in production at customer sites. With over 300 connectors, we’re sure we have yours. And if we don’t have your connector, we guarantee a 2-day turnaround for new connectors.
For details about connectors, see Connectors.
Meridian’s Machine Learning #
Meridian fills the gaps between security solutions. After ingesting data from connectors, Meridian enriches that data through machine learning.
SmartLabels #
Meridian includes a feature called SmartLabels. SmartLabels allow you to apply custom business rules to Meridian data. When building queries, you can use the SmartLabels as you would use any of the default fields.
-
If you need to write complex queries, SmartLabels can help save time and reduce errors.
- SmartLabels allow you to manipulate ingested data before including that data in a SmartLabel. For example, you can manually enter a value, concatenate ingested data, apply a regular expression to ingested data, and perform mathematical actions like addition, division, subtraction, and multiplication on ingested data.
-
SmartLabels can be combined and nested. So you can use a SmartLabel or a Tag within another SmartLabel.
Dashboards #
Dashboards provide real-time insights into your assets, users, and data. Each dashboard includes dynamic data, customized to your requirements. Dashboards provide at-a-glance visibility into the assets, users, and data in your environment and the policies or compliance that matters most to you.
Meridian includes pre-built dashboards, called Value-Oriented Dashboards or VODs. You can easily edit these dashboards to suit your needs or easily create your own custom dashboards.
For details about dashboards, see Dashboards.
Automations #
Meridian includes automated actions that aid in continuous monitoring and remediation. These actions are easy to configure and can run as frequently as needed.
Actions include sending email messages, posting a message to slack, creating tickets, isolating infected devices, or making changes to Active Directory, among other options.
For example, you can define an action that sends a slack message to the IT team if Meridian discovers one or more assets without endpoint protection.
For details about actions, see Actions.
Headless #
Meridian can run headless, providing all the benefits of Meridian without requiring your IT team to learn a new interface. Using webhooks, Meridian can send data from the Meridian platform to other solutions in your environment.
Meridian webhooks are especially useful for integrations with SIEMs and data lakes. For example, you could send a webhook that contains information about all newly discovered assets from Meridian to a SumoLogic instance. SumoLogic could then display this information in a dashboard.
For details about webhooks, see Running Headless with Webhooks.
API #
Meridian includes APIs that allow access to the data in the Meridian database. The APIs are useful for integrations with other solutions. For details, see APIv2.
