Administration

HCP Architecture

Hortonworks Cybersecurity Platform (HCP) is a cybersecurity platform. It consists of the following components:

Figure 2.1. HCP Architecture


The HCP data flow runs in real time and consists of the following steps:

  1. Information from telemetry data sources is ingested into Kafka topics (Kafka is the telemetry event buffer).

    A Kafka topic is created for every telemetry data source. This information is the raw telemetry data consisting of host logs, firewall logs, emails, and network data.

  2. The data is parsed into a normalized JSON structure that Metron can read.

  3. The information is then enriched with asset, geo, threat intelligence, and other information.

  4. The information is indexed and stored, and any resulting alerts are sent to the Metron dashboard, the Alerts user interface, and telemetry.
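The four steps above, traced end to end for one telemetry source, as an added example that is not HCP or Metron code. Plain Python lists and dicts stand in for Kafka topics, the enrichment stores, and the index. The firewall log format, the field names, and the lookup tables are all assumptions constructed for illustration.

```python
import json
import re

# Step 1: one buffer ("topic") per telemetry source; constructed sample lines.
RAW = {"firewall": [
    "1500000000 ALLOW TCP 10.0.0.5:51522 -> 203.0.113.9:443",
    "1500000060 DENY UDP 10.0.0.7:5353 -> 198.51.100.20:53",
    "garbled line that does not match the format",
]}
# Step 3 reference data (constructed): asset, geo and threat intelligence lookups.
ASSETS = {"10.0.0.5": "hr-laptop-17", "10.0.0.7": "build-server-2"}
GEO = {"203.0.113.9": "NL", "198.51.100.20": "US"}
THREAT_INTEL = {"203.0.113.9": "constructed-blocklist"}
FW_RE = re.compile(r"(\d+) (ALLOW|DENY) (TCP|UDP) ([\d.]+):(\d+) -> ([\d.]+):(\d+)$")

def parse(source, line):
    """Step 2: normalize one raw line into a flat JSON-ready dict, or None."""
    m = FW_RE.match(line)
    if not m:
        return None
    ts, action, proto, src, sport, dst, dport = m.groups()
    return {"source_type": source, "timestamp": int(ts) * 1000, "action": action,
            "protocol": proto, "ip_src_addr": src, "ip_src_port": int(sport),
            "ip_dst_addr": dst, "ip_dst_port": int(dport), "original_string": line}

def enrich(event):
    """Step 3: add asset, geo and threat intelligence context by IP lookup."""
    out = dict(event, asset_src=ASSETS.get(event["ip_src_addr"]),
               geo_dst_country=GEO.get(event["ip_dst_addr"]))
    hit = THREAT_INTEL.get(event["ip_dst_addr"])
    if hit:
        out.update(threat_intel_dst=hit, is_alert=True)
    return out

def run_pipeline(raw_topics):
    """Steps 1-4: drain each topic, parse, enrich, index; collect alerts and errors."""
    index, alerts, errors = {}, [], []
    for source, lines in raw_topics.items():
        for line in lines:
            event = parse(source, line)
            if event is None:
                # Keep unparseable input visible instead of silently dropping it.
                errors.append({"source_type": source, "raw": line})
                continue
            doc = enrich(event)
            index.setdefault(source, []).append(doc)  # step 4: index and store
            if doc.get("is_alert"):
                alerts.append(doc)                     # step 4: surface the alert
    return index, alerts, errors

if __name__ == "__main__":
    print(json.dumps(run_pipeline(RAW)[1], indent=2))
```

Lines that fail parsing are collected separately so that a format change at the source shows up as a growing error count rather than as missing telemetry.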