59 changes: 5 additions & 54 deletions docs/about/siem-optimization.mdx
Expand Up @@ -55,35 +55,9 @@ Key principles include:

AI-based approaches introduce multiple risks that VirtualMetric's deterministic framework eliminates. AI models require training on actual log data, creating privacy and compliance concerns as sensitive security information may be learned by the model. AI processing adds significant latency and computational cost, reducing throughput and increasing infrastructure requirements. Most critically, AI decisions cannot be audited or validated, making it impossible to verify that security-relevant data is preserved.

```mermaid
graph TD
subgraph AI[AI-Based Optimization Risks]
R1[Unpredictable Results]
R2[May Drop Critical Events]
R3[Privacy Concerns]
R4[Training on Sensitive Data]
R5[Processing Latency]
R6[Increased Costs]
R7[Non-Auditable Decisions]
end

subgraph VM[VirtualMetric Approach]
V1[Deterministic Rules]
V2[Guaranteed Field Preservation]
V3[No Data Learning]
V4[High Performance]
V5[Cost Efficient]
V6[Fully Auditable]
V7[Expert Validated]
end

AI -.->|Risk| Enterprise[Enterprise Security]
VM -.->|Safe| Enterprise

style AI fill:#FFE5E5
style VM fill:#BCC0E7
style Enterprise fill:#E5E2FB
```
|AI-Based Optimization (Risky)|VirtualMetric's Approach (Safe)|
|---|---|
|<ul><li>Unpredictable Results</li><li>May Drop Critical Events</li><li>Privacy Concerns</li><li>Training on Sensitive Data</li><li>Processing Latency</li><li>Increased Costs</li><li>Non-Auditable Decisions</li></ul>|<ul><li>Deterministic Rules</li><li>Guaranteed Field Preservation</li><li>No Data Learning</li><li>High Performance</li><li>Cost-Efficient</li><li>Fully Auditable</li><li>Expert Validated</li></ul>|

**DataStream**'s expert-driven approach provides predictable, consistent results that security teams can trust. Every optimization decision is based on analysis of real-world security operations, validated by experts, and documented for audit purposes. Organizations can confidently deploy aggressive optimization knowing that detection capabilities remain intact.
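Review bot: the replacement table carries every item of the removed diagram's two subgraphs over one-for-one (only `Cost Efficient` becomes `Cost-Efficient`), but it drops the two labelled edges `AI -.->|Risk| Enterprise` and `VM -.->|Safe| Enterprise`, which were the only place the diagram tied both columns to an enterprise-security outcome; the `(Risky)`/`(Safe)` suffixes in the header row are the sole remaining trace of that, so either the surrounding prose should keep the "Enterprise Security" framing or the header labels should be accepted as sufficient. Also confirm that the raw `<ul><li>` markup inside a pipe-table cell renders in this MDX setup: MDX parses the tags as JSX, so every element must stay closed, which the hunk does.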

Expand All @@ -104,7 +78,7 @@ Advantages over AI-based optimization include:
This approach means administrators configure optimization rules once per vendor, not once per vendor per SIEM platform. A single Fortinet optimization pack automatically reduces data volume for Sentinel, Splunk, Elasticsearch, and all other configured destinations. Changes to vendor-specific filtering rules immediately apply across the entire multi-platform deployment.

```mermaid
graph TD
graph LR
Vendor[Vendor Logs] --> Pack([Vendor Optimization Pack])

Pack --> Optimized[Optimized Data]
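Review bot: switching `graph TD` to `graph LR` is a layout-only change, and the hunk shows only the `Vendor --> Pack --> Optimized` chain; the context prose says the optimized data fans out to Sentinel, Splunk, Elasticsearch and other destinations, so check the rendered diagram at the docs site's content width, since a left-to-right fan-out of several destination nodes can push the right-hand nodes past the page edge where the top-down layout stacked them vertically.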
Expand Down Expand Up @@ -146,30 +120,7 @@ graph LR
Logs[Vendor Logs]

subgraph Packs[Vendor Optimization Packs]
FN[Fortinet]
PA[Palo Alto]
CP[Check Point]
CS[Cisco]
ZS[Zscaler]
CT[Citrix]
FP[Forcepoint]
F5[F5 BigIP]
SW[SonicWall]
BC[Barracuda]
IB[Infoblox]
WG[WatchGuard]
NZ[Nozomi]
AK[Akamai]
EH[ExtraHop]
DT[Darktrace]
CA[CyberArk]
VC[Vectra]
CR[CrowdStrike]
SM[Symantec]
SO[Sophos]
JN[Juniper]
AR[Aruba]
S1[SentinelOne]
PEnt["`Fortinet<br>Palo Alto<br>Check Point<br>Cisco<br>Zscaler<br>Citrix<br>Forcepoint<br>F5 BigIP<br>SonicWall<br>Barracuda<br>Infoblox<br>WatchGuard<br>Nozomi<br>Akamai<br>ExtraHop<br>Darktrace<br>CyberArk<br>Vectra<br>CrowdStrike<br>Symantec<br>Sophos<br>Juniper<br>Aruba<br>SentinelOne`"]
end

Logs --> Packs
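Review bot: the 24 vendor nodes are collapsed into one node `PEnt` whose label uses Mermaid's markdown-string syntax (`["`...`"]`) with `<br>` for line breaks; markdown strings are a newer Mermaid feature and treat line breaks differently from plain quoted labels, so render this page with the Mermaid version bundled in this Docusaurus build to confirm the `<br>` tags produce separate lines rather than literal text, and use real newlines inside the backticks if they do not. The collapse is safe for `Logs --> Packs` because that edge targets the subgraph rather than any vendor node, but any other edge in the file that still references a removed id such as `FN` or `CS` would now resolve to a freshly auto-created unlabelled node without an error, so a search of the file for the removed ids is worthwhile.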
7 changes: 3 additions & 4 deletions docusaurus.config.ts
Expand Up @@ -92,10 +92,9 @@ const config: Config = {
[
require.resolve("docusaurus-lunr-search"),
{
excludeRoutes: [
"/1.*/**/*",
],
},
excludeRoutes: ["/1.*/**/*"],
disableVersioning: true,
}
],
require.resolve('./plugins/validate-topics'),
require.resolve('./plugins/validate-images'),
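Review bot: `disableVersioning: true` is added to the `docusaurus-lunr-search` options with nothing in the diff explaining why; the PR description should state what it changes for the search index and whether the `/1.*/**/*` pattern in `excludeRoutes` is still needed once versioned routes are no longer indexed, or whether the two settings are intended to work together. Style nit: the rewritten options object closes with `}` where the removed one closed with `},`, so the trailing-comma convention of the enclosing array entry is no longer consistent.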