MetaGrid software enables cyber security operations teams to quickly identify, prioritize, and focus their activities on threat-induced anomalies with the highest security risk.

Utilizing advanced machine learning and contextual user input, MetaGrid also makes automatic data-driven changes that refine its operation and increase its effectiveness, based on each client’s unique operational environment and the ever-changing global threat landscape. Because MetaGrid detection is behavior triggered, it can detect threat activity without dependence on threat signatures—meaning it can detect anomalies associated with both known and unknown, “zero day” attacks.




Red Lambda’s MetaGrid solution has key differentiators that deliver significant advantages when compared many products in the cybersecurity space:

Stream-time Processing

MetaGrid acts on data before that data comes to rest. This concept of “stream-time” processing is dramatically different from systems that have to first backhaul—in other words, store—their data and bring it to rest before they can perform the functions necessary to detect threat behaviors. By processing data in stream-time, MetaGrid is able to identify threats quickly, enabling timely threat response.

Behavioral Detection

MetaGrid doesn’t rely on threat signatures. Instead, it identifies threat behaviors comprised of activities occurring on the systems and network. That means MetaGrid can identify threats that may not have ever been seen before – the “zero day” attacks.

Behavior Prioritization

SOC operators are overloaded with the volume of alerts received from their cybersecurity systems. MetaGrid helps to eliminate data overload by assigning risk scores to events that prioritize threat behaviors. It also notifies operators of threat behaviors using easy to understand terminology in highly- graphic displays. The result is a prioritized list of threat behaviors that allow SOC operations to focus their efforts on high-probability network events and more effectively manage risks to their data operations.

Intuitive Threat Investigation

It’s not enough to only identify threat behaviors. SOC operators need the ability to quickly and intuitively explore threat activities in order to rapidly gain a comprehensive understanding of the identified threat behaviors, the extent of their activity, and their root cause. Best of all, MetaGrid enables this to happen in minutes -- rather than days and weeks. 

While that’s not all of MetaGrid’s differentiation, it’s a pretty good summary of what makes MetaGrid worth learning more about!


Utilizing agent-less detection technologies, a distributed processing grid-architecture, state-of-the-art data handling technologies, advanced machine learning algorithms, MetaGrid is capable of rapidly detecting threat-induced system and network anomalies with high-reliability and enterprise-level scalability. MetaGrid is a complete, software-based anomaly detection solution that includes compute, file system, advanced data and event storage technologies, data visualization, indexing and analytics.

MetaGrid’s patented technology enables rapid ingestion, correlation, clustering, and analysis of vast amounts network operational data. It then identifies, scores, and prioritizes likely threat behaviors and presents this information using interactive data visualizations that facilitate rapid investigation and comprehensive understanding of threat activities throughout the entire cyber kill chain. With that understanding, security operations teams can quickly understand the extent, impact, and root cause of cyber incidents within their network. Where threat hunting used to take days, weeks, or more, MetaGrid can reduce the process to minutes - enabling timely threat mitigation actions.


Stream Time Data Ingestion and Analysis

Leveraging breakthroughs in data science, and machine learning, MetaGrid ingests high volumes of network and endpoint data. While this data is still in motion, before it comes to rest, MetaGrid conditions, normalizes, and correlates the data in preparation for additional “stream-time” threat behavior analysis. 

Threat Behavior Detection

MetaGrid’s analysis also includes the risk scoring of related events that ultimately make up an aggregate risk scoring of a risk behavior. High priority risk behaviors and all of their contributing risk events are then presented to SOC operators in a highly visual, easy-to-understand format.

Rapid, Intuitive Data Investigation

Threat behaviors and all of their related events can then be easily explored using MetaGrid’s interactive graphical data presentations that enable operators to perform rapid, intuitive drill-down and investigations to identify the extent, impact, and root cause of a cyber incident.

Unsupervised Machine Learning

Utilizing advanced machine learning technology, MetaGrid enhances its capabilities over time, making adaptive data-driven changes that refine its operation and effectiveness, based on each client’s unique operational environment. 


MetaGrid fits every security environment and it doesn’t displace current security and endpoint protection systems. Instead, MetaGrid acts as “security rebar” in today’s layered security environments, reinforcing existing security capabilities by detecting threats that have otherwise circumvented existing security products. MetaGrid strengthens security, improves detection speeds, and reduces threat investigation time and complexity — taking cybersecurity to a new level of effectiveness.

MetaGrid Layered Security Structure