AristotleInsight: Product of Sergeant Laboratories, Behavioral Analytics
AristotleInsight: The First Big Data Security Application For The UDAPE™ Model
Track From User, To Device, To Application, To Process, To Endpoint.

“It actually takes weeks of forensic activity to go through the log files and do the good, detailed, forensics”

-Former Special Advisor to the President on Cybersecurity, Richard Clarke

We Find This Absurd.

We thought it was absurd that in an era of big data, it takes weeks to investigate what happened within an IT environment.

So we built AristotleInsight.

We built AristotleInsight to collect, analyze, and store the enormous amounts of UDAPE data necessary to document exactly what occurs at any given moment, now or in the past. Our virtualized data channel and Bayesian compression allow for years of forensic data to be stored, structured, and organized.

A tool for information security, risk, audit, and compliance professionals.

Data without structure is useless. Security professionals need easy access to data and metrics that are repeatable, organized, and historic.

AristotleInsight’s unique data linking and behavioral analysis provide structure for years of security data. Changes, anomalies, and suspicious activity simply jump out. Post-incident response will never be the same.

To see a security solution that is built for security professionals, that is not a science fair project, and that just works, contact us today.

What Can Big Data Security Analytics Do For You?

Information security, risk, and compliance professionals fight to obtain meaningful metrics that are repeatable, structured, and historic. Currently their data is provided by repurposed IT tools, and is incomplete, difficult to collect, and unorganized. The holy grail of information security is easy access to structured, historic metrics across users, devices, applications, processes, and endpoints. We accomplished this with AristotleInsight, our big data security analytics solution. AristotleInsight tracks from user, to device, to application, to process, to endpoint—implementing the UDAPE model of security metrics.

  • Detect and remediate advanced persistent threats by tracking, validating, and comparing IPs, processes, applications, devices, and users for anomalies.
  • Track and document every remote connection, including who connects, where they connect from, and what actions they take while connected.
  • Track all vulnerabilities, provide patching information, document successful patching, and detect re-introduction.
  • Validate IT processes. (ITSM)
  • Monitor and document access to sensitive databases or files. See who accesses sensitive data, and what changes they make.
  • Conduct post incident response with granular forensics. Track activity from user, to device, to application, to process, to endpoint.
  • Establish and maintain baselines for privileges, configurations, audit policies, and regulations such as FIPS, STIGs, HIPAA, PCI-DSS, and FISMA.
  • Manage, audit, validate, and track privileges and permissions.

AristotleInsight Implements the UDAPE™ Model

The core of the UDAPE model is the ability to collect, correlate, and organize security data across the full spectrum of an IT environment. This requires the ability to collect and track data from User, to Device, to Application, to Process, to Endpoint. Until AristotleInsight, collecting such large amounts of data swamped networks, and the data was impossible to correlate and organize. At Sergeant Laboratories, we have been learning to unobtrusively move huge amounts of data throughout networks since the 1980s. A culmination of over 30 years of research and engineering progress, AristotleInsight is the first solution with the capabilities necessary to carry out the UDAPE model:

Store Granular Data For Years

UDAPE data is only useful if it can be used to create long-term baselines and trends, as well as to conduct post incident response.  AristotleInsight stores granular data for years, without charging by the amount of data collected.

Data Linking

Too many security tools dump thousands of lines of static log data on security professionals and expect them to pinpoint issues with rudimentary search capabilities.  AristotleInsight links the full spectrum of UDAPE data, organizing it into reports and making it granularly searchable and sortable.

Data Driven Machine Learning

AristotleInsight utilizes machine learning to minimize the need for user configuration.  AristotleInsight adapts to evolving environments without the need to continuously reconfigure, tune, or manually update.

Seamless and Adaptive Installation, Maintenance, and Update

AristotleInsight installs across tens or tens of thousands of endpoints in hours, not days or weeks.  Installation, maintenance, and updates do not affect network performance or end users.

Massively Scalable

The compression and Bayesian technology backing AristotleInsight makes its scalability virtually unlimited. The more data AristotleInsight collects, the more it learns, making it a natural fit for large environments.

Robust Business Intelligence

The data AristotleInsight collects is easily exportable and shareable.  Automatically email reports on a daily, weekly, or monthly basis.  Configure real-time emails and SMS messages for critical events.

Benefits Of The UDAPE™ Model For Big Data Security Analytics

Technology capable of implementing the UDAPE model produces powerful benefits. Instead of using bolt-on solutions that create data silos and visibility holes, AristotleInsight is able to provide a historic, contextually rich, enterprise-wide perspective of your information security, risk, governance, and audit posture – all within a single pane of glass.  The results are impressive:

Make Comparisons

Compare groups of users, devices, or applications to find unique configurations, deviations from baselines, and suspicious activity.

Unprecedented, Detailed Post Incident Response

AristotleInsight stores years of the data needed for post incident response in a granular, searchable, and sortable format.  Instead of spending weeks combing through logs, AristotleInsight provides details quickly.

Proactively Audit Configurations, Privileges, and Audit Policies

AristotleInsight tracks every user’s and device’s configurations, privileges, and audit policies. Proactively audit conformance to baselines, and receive automated notifications when changes occur.

Enterprise and Department Wide Baselines

Establish baselines across your entire enterprise and within each department.  Track baselines over time to discover trends and notice anomalies.

Manage Information Security Like The CFO Manages Finance

Accounting software collects financial data to provide management with the metrics, trends, and comparisons used to govern enterprise finances.  AristotleInsight provides the CISO and CIO with the same level of insight into information security and governance.  AristotleInsight is for security what accounting software is for finance.

Maintain and Prove Compliance

AristotleInsight enables security and compliance professionals to continually work towards and maintain compliance, while historically storing the data needed to demonstrate compliance for auditors.

Technology Based On Science

Alan Turing, known as the founder of computer science, showed us over 80 years ago that it is impossible to bolt on security. He demonstrated this through his analysis of the halting problem. Many still attempt to enhance security with bolt-on products. Compare this to finance. By measuring processes, comparing trends, and investigating anomalies, the world has enjoyed monetary control for almost 400 years.

AristotleInsight collects massive amounts of security data in order to create baselines, track trends, and detect anomalies – enabling security and compliance professionals to measure processes, compare trends, and investigate anomalies, just like their counterparts in the accounting department.

A Solution Built For Security-Risk-Audit-Compliance Professionals

AristotleInsight is built from the ground up for security professionals.  Instead of relying on repurposed IT tools to piece together security related data, AristotleInsight collects, organizes, and conducts first pass analysis on the data security professionals need.  AristotleInsight ends the scavenge for data, and points security professionals towards the problems worth investigating.


We pride ourselves on building technology that is immediately useful and solves daily problems. Our name, Sergeant Laboratories, serves as a daily reminder of our commitment to providing those out solving problems with the tools they need to be successful.


AristotleInsight scales both vertically and horizontally. The ease of installation and unique data compression technology allow AristotleInsight to scale from small businesses to Fortune 500 companies spread around the globe.


Security tools should not break when your network changes, require hours of tuning, or require programming expertise to maintain.  AristotleInsight is virtually invisible within a network, is OS agnostic, and naturally adapts as your network evolves.

Dedicated To Our Customers’ Success

We understand that information security, compliance, risk, and audit professionals have their hands full. Mistakes and oversights can have enormous consequences. We routinely call and offer to walk through your data with you to provide a neutral perspective of your current security posture. We are not a consulting firm trying to sell more services; we are security experts dedicated to your organization’s information security success.

  • Unprecedented support
  • Routine check-ins with our security and compliance experts
  • Call to speak with an engineer or security expert in minutes

Organized and Intuitive

AristotleInsight organizes data into 3 layers of increasing detail. Seamlessly navigate from high level trends and baselines down into granular forensics for post incident response.

Unlimited and Historic

AristotleInsight doesn’t charge based on lines of data.  AristotleInsight is built to store virtually unlimited amounts of data for years.  Compare your network against itself a year ago, or forensically investigate a historic incident.

Proactive and Reactive

AristotleInsight provides the metrics and trends to proactively measure the success of security goals and audit baselines, as well as access to the historic information needed to investigate and react to historic incidents.

Who Are We?

Sergeant Laboratories builds sophisticated software that provides straightforward solutions to complicated IT problems. Over fifteen years ago, our engineers were asked, “What are our computers actually being used for?” Answering that question has proven critical to successful IT security and compliance. Our flagship product, AristotleInsight, has been widely adopted by financial institutions, governmental bodies, healthcare facilities, and retail chains. We have developed an agile design and marketing model which allows us to rapidly react to feedback from customers.  Our years of experience, combined with extensive input from customers, enables us to provide a practical solution that just works and is used every day.