
Omni Map User Guide

OmniGraph


Overview

OmniMap is SIRP’s real-time graph intelligence engine that visualizes relationships between alerts, assets, users, IOCs, vulnerabilities, and actions across your environment.
It transforms fragmented incident data into an interactive, context-rich map, enabling analysts to instantly see the who, what, and how of an attack as it unfolds.

Core Purpose

OmniMap provides situational awareness and deep correlation by linking all security data points into one continuously updated graph.
It helps analysts:

  • Understand the blast radius of an alert

  • Identify root causes and related incidents

  • Track attack progression and relationships

  • Enable AI reasoning and autonomous actions through OmniSense and Reflex

Key Features

| Feature | Description |
| --- | --- |
| Interactive Visualization | Explore entity relationships via a real-time, zoomable, and clickable graph view. |
| Entity Mapping | Displays nodes for Alerts, Assets, Users, IOCs, Vulnerabilities, Threats, and more. |
| Relationship Insights | Shows how entities connect, e.g., “Alert raised on Asset,” “Analyst associated with an Incident.” |
| Click-to-Expand & Collapse | Expand connected nodes or condense the graph for clearer visualization. |
| Real-Time Updates | Auto-refreshes as new events are logged. |

Graph Elements

  • Nodes – Represent entities such as Alerts, Assets, Users, IOCs, Vulnerabilities, or Cases.

  • Edges – Show relationships between entities with directional meaning (e.g., RAISED_ON, HAS_VULNERABILITY, INVOLVES).

  • Node Details – Appear on hover, showing quick info such as severity, timestamp, or risk.

  • Color Codes – Each node type has a distinct color and icon for easy identification.
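The node-and-edge model above, and the "blast radius" use listed under Core Purpose, can be illustrated with a bounded graph walk. This is an added example, not SIRP's code or an OmniMap API: the edge names come from this guide, while the node ids, the direction assigned to each relationship, and the function names are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample edges: (source, relationship, target). Edge names come from
# the guide; node ids and the direction of each relationship are assumptions.
EDGES = [
    ("alert:A-1", "RAISED_ON", "asset:web-01"),
    ("alert:A-2", "RAISED_ON", "asset:web-01"),
    ("alert:A-3", "RAISED_ON", "asset:db-07"),
    ("asset:web-01", "HAS_VULNERABILITY", "vuln:V-1"),
    ("asset:db-07", "HAS_VULNERABILITY", "vuln:V-1"),
    ("case:C-1", "INVOLVES", "alert:A-1"),
    ("case:C-1", "INVOLVES", "user:jdoe"),
    ("alert:A-9", "RAISED_ON", "asset:hr-02"),  # unrelated component
]

def build_index(edges):
    """Adjacency list that keeps edge direction but allows walking both ways."""
    adj = defaultdict(list)
    for src, rel, dst in edges:
        adj[src].append((rel, "out", dst))
        adj[dst].append((rel, "in", src))
    return adj

def blast_radius(edges, start, max_hops=2):
    """Breadth-first walk from `start`; returns {node: (hops, path)}."""
    adj = build_index(edges)
    seen = {start: (0, [])}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        hops, path = seen[node]
        if hops == max_hops:
            continue  # hop limit reached: do not expand this node further
        for rel, direction, nxt in adj[node]:
            if nxt not in seen:
                arrow = f"-{rel}->" if direction == "out" else f"<-{rel}-"
                seen[nxt] = (hops + 1, path + [f"{node} {arrow} {nxt}"])
                queue.append(nxt)
    del seen[start]
    return seen

def related_alerts(edges, start, max_hops=2):
    """Other alerts reachable within the hop limit (candidate related incidents)."""
    return sorted(n for n in blast_radius(edges, start, max_hops) if n.startswith("alert:"))

if __name__ == "__main__":
    for node, (hops, path) in sorted(blast_radius(EDGES, "alert:A-1").items()):
        print(hops, node, "|", " ; ".join(path))
```

Raising the hop limit from 2 to 4 surfaces alert:A-3, which is linked to the starting alert only through a vulnerability shared by two assets.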


User Actions

  1. Navigate – Use the mouse or trackpad to zoom and pan through the graph.

  2. Select Node – Click any entity to view detailed attributes in the side panel.

  3. Expand Relationships – Click “+” icons to reveal connected entities.

  4. Filter / Search – Use filters to focus on relevant node types or keywords.

  5. Inspect Insights – Review linked MITRE mappings, related incidents, and team members on the side panel.

Integration with AI

OmniMap powers OmniSense and Reflex by providing real-time context for LLM and RL-driven reasoning.

  • Reflex uses OmniMap context to decide containment scope.

  • OmniSense LLM queries the graph for historical relationships and similar cases.

Analyst Benefits

  • Single visual source for complete incident context

  • Rapid detection of hidden links between alerts

  • Smarter prioritization through S3-driven node insights

  • Reduced investigation time with AI-guided navigation

  • Continuous learning as OmniMap evolves with every incident

Summary

OmniMap is the visual memory and reasoning layer of SIRP, connecting every asset, user, and threat into a unified intelligence graph.
It empowers analysts and AI agents alike to see, understand, and act with precision and context, turning raw data into actionable security insight.