Seceon aiSIEM dekker en rekke sikkerhetsfunsjoner i nettverket. I stedet for bare å knytte seg til logger fra ulike systemer går Seceon direkte inn i datastrømmen. Seceon gir ikke en mengde varsler som krever store ressurser til å håndteres, men med maskinlæring tar den de aller fleste valg automatisk selv.
Security Information and Event Management (SIEM) is a critical technology significant part of an organization’s security posture. Yet many organizations struggle today with its deployment, execution as security experts are required to make meaningful correlation and decisions for remediation and, above all, total cost of ownership (TCO).
Many organizations are leaning to MSSPs or third-parties to provide managed services which are evolving to address these challenges. This does relieve the organizations from the burden of doing the heavy lifting but adds significant dependencies and operational costs.
Seceon aiSIEM™ goes beyond using the log data, simple analysis for correlation of events and applying rules to enhance an organization’s security posture. It ingests raw streaming data – Logs from all devices in the ecosystem, Flows, such as, NetFlow, JFlow, sFlow and subscribes to Miscrosoft® Windows® Active Directory™ service to provide users, computers and groups and their interactions. Machine learning handles large data volumes in conjunction with contemporary big data frameworks efficiently and enables to adapt to any environment dynamically upon deployment for deep data analysis. AI helps to bolster cybersecurity by generating meaningful alerts with improved accuracy from scores of threat indicators otherwise analyzed by the security professionals and producing actionable intelligence for threat containment and elimination in real-time.
Over 60% of small-to-medium (SMB) enterprises go out of business should they be attacked by cyber criminals. Cyber-attacks, such as, Ransomware, DDOS, etc. specifically target smaller, more vulnerable businesses with a lack of security expertise and fragile infrastructure. Many businesses are leaning to Managed Security Service Provider (MSSP) to provide managed services which are evolving to address these challenges. MSSPs provide remote ‘outsourced’ monitoring of security events and management of security devices, such as, Firewalls, Intrusion Detection. They provide a shield of protection that small-to-medium businesses need for its very existence.
Seceon aiMSSP™ provides SOC-in-a-Box services, which includes 24x7 security monitoring, threat intelligence, detection and remediation in real-time, at a nominal and predictable linear costs. SOC-in-a-box expands the current service offerings bringing advanced threat detection and mitigation capabilities to small-to-medium businesses.
Mer info, webex, demo og video hos produsenten.