CSE498, Collaborative Design, Spring 2017
Computer Science and Engineering
Michigan State University

Rook Security, based in Indianapolis, Indiana, is a managed threat response force that is dedicated to providing global IT security solutions that anticipate, manage and eliminate threats.

As the number and variety of devices connected to the Internet grow, so does the need to protect those devices from attackers.

To this end, Rook Security provides their Force platform, which is a tool that streamlines the process of handling incoming security alerts, thereby increasing the efficiency of Rook’s in-house security analysts and lowering response times to threats.

Our Force Platform Ingestion Tool with Alert Correlation system is a tool that processes security alerts from Rook clients for ingestion into the Force platform.

When a security alert is received by the Force platform, our system extracts the alert's key information and compares it with other recent alerts to determine whether they are related; related alerts can be grouped automatically into a larger case.
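The following is an added illustration of that extract-and-correlate step, written for this page and not code from Rook's Force platform; the raw alert field names, the "shared source IP within a 30-minute window, same client only" rule and the sample alerts are all assumptions constructed for the example.

```python
# Added illustration, not Rook's code: extract key fields from raw alerts and
# group related ones into cases (same client, shared source IP, within a window).
from datetime import datetime, timedelta
from typing import NamedTuple

class Alert(NamedTuple):
    alert_id: str
    client: str
    received: datetime
    source_ip: str

def extract(raw: dict) -> Alert:
    # Field names are assumed for this example, not Force's real schema.
    return Alert(raw["id"], raw["client"], datetime.fromisoformat(raw["ts"]), raw["src"])

class Correlator:
    def __init__(self, window: timedelta = timedelta(minutes=30)):
        self.window = window
        self.cases = []  # list of cases; each case is a list of Alert records

    def ingest(self, raw: dict) -> int:
        # Attach the alert to a related open case or open a new one; return its number.
        alert = extract(raw)
        for num, case in enumerate(self.cases, start=1):
            # Never merge across clients; key on a shared indicator, and only
            # while the case is still recent (measured from its latest alert).
            if (case[0].client == alert.client
                    and any(a.source_ip == alert.source_ip for a in case)
                    and alert.received - max(a.received for a in case) <= self.window):
                case.append(alert)
                return num
        self.cases.append([alert])
        return len(self.cases)

# Constructed sample: a1/a2/a4 share client and IP within 30 min of each other,
# a3 is another client reusing that IP, a5 arrives after the window has closed.
SAMPLE_ALERTS = [
    {"id": "a1", "client": "acme", "ts": "2017-03-01T10:00:00", "src": "198.51.100.7"},
    {"id": "a2", "client": "acme", "ts": "2017-03-01T10:05:00", "src": "198.51.100.7"},
    {"id": "a3", "client": "globex", "ts": "2017-03-01T10:06:00", "src": "198.51.100.7"},
    {"id": "a4", "client": "acme", "ts": "2017-03-01T10:20:00", "src": "198.51.100.7"},
    {"id": "a5", "client": "acme", "ts": "2017-03-01T11:30:00", "src": "198.51.100.7"},
]

def correlate(raw_alerts: list) -> dict:
    """Ingest alerts in arrival order and return {case number: [alert ids]}."""
    c = Correlator()
    for raw in raw_alerts:
        c.ingest(raw)
    return {n: [a.alert_id for a in case] for n, case in enumerate(c.cases, start=1)}
```

Keeping the per-client check is what prevents one client's alerts from leaking into another client's case when an attacker reuses the same source address against several of Rook's clients.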

Rook security analysts view these security alerts and respond accordingly depending on the type of attack, the source of the threat, the threat level and other relevant information.

Our system also enables Rook analysts to create connections with new clients to route their alerts into Force to be monitored.

Our Force Platform Ingestion Tool with Alert Correlation system runs on a Python Django web platform, using React/Redux JavaScript libraries, and is accessible by any modern web browser.