Security Information & Event Management

Transcription

1 Your teammate in cyber security Security Information & Event Management

2 Who we are? Logsign founded in Istanbul All-in-one SIEM Co-managed SIEM HDFS & Elastic Search Petabyte level design SIEM Entegrated SOAR We believe security products should be a lot more smarter. While we continuously improve in the security intelligence area, we thrive to supply our customers with an easy to deploy, user friendly solution to cope with their cyber security problems. While doing this we never loose our focus on being a good teammate.

3 Industry Recognitions & Locations Our Offices İSTANBUL - ATAŞEHİR ANKARA - TEPE PRIME SAN FRANCISCO

4 What Is Logsign Siem? Logsign is a full feature, all-in-one SIEM solution that unifies Log Management, Security Intelligence and Compliance, delivering great value via clear visualization and better understanding to organizations. Security Intelligence Compliance with Regulations Log Management Your teammate in cyber security

5 How Does It Work? Integrates with sources Collects logs and normalizes Traces logs, visualizes threats Hightens your security and automatizes your responses More than 200 out-ofbox integration and free plugin services. Normalization, filtering, enrichment, prioritization. Visualizes detects anomalies, threats with over hundreds of reports and dashboards makes your data understandable. Takes automatic actions and gives you clues about your needed actions.

6 WHAT DOES REALLY MATTER FOR ENTERPRISES?

7 Deployment and Support Simplicity Real-time Monitoring Security Analytics User and Behaviour Monitoring Data and App Monitoring Early Threat Detection Incident Response and Management Security Intelligence and Correlation Automated Reporting for IT Compliance and Internal Auditing Speed Massive Scalability Availability and Clustering Delegation

8 Easy Installation And Integration 200+ Pre-Defined Integrations and Free Plugin Service On all bare metal, virtual or cloud environment! Deployment in a day is not a dream.

9 Scalable Cluster Architecture Scalability Matters Why? Big log data More admin/users, more locations SOC usage and visualizations How does Logsign scale? Stack tens of servers with similar roles Distribute different servers for different roles Granular services distributions Multicore Multimachine Vertical and horizontal scalability

10 High Availability & Redundancy High Backup Capacity 2x, 3x, nx data backup capability Automatic failover Services discovery and load balancing Self healing Redundancy at any layer Terabytes of live data capability Storage and backup capability of petabytes of data both live and offline

11 Speed Does It 100 Millons of Data < 1 Second

12 Delegation Flexible Delegation Capability For Greater Team Effectiveness Every IT member and/or group can easily and flexibly be involved in cyber security. You can give permissions to every single member / group and assign unique roles, dashboards and reports. DATABASES REPORTS Security admin Linux admin Windows admin Network admin Web admin DB admin ROLES DASHBOARDS

13 Data Policy Manager Logsign Dpm Efficient Data Management Logsign has a robust data management system to optimize system and storage capacity in input, process and storage levels. All Data / Logs, Branches Massive Senders Security Devices Network Devices Apaplications Input Layer Policies Storage Layer Policies Process Layer Policies Key, Value, Field, Device, regex, Message Level data processing

14 Threat Intelligence Combine The Internal Security Sources With The Global Threat Intelligence In Real Time! Counts threat intelligence data in correlation. Provides early threat detection and response in real-time. Prioritizes threat intelligence data and minimizes risk. Prevents false-positives via advanced correlation capability. INTERNAL FEEDS EXTERNAL FEEDS Usom - abuse.ch - malwaredomains - sans - torproject - blocklist - malc0de - arbor - snort - openbl - talosintel - cyberthreatalliance - maxmind - malwaredomainlist - badips - projecthoneypot

15 Alerts And Correlation High Capacity Correlation Correlates data from different sources in realtime or historical context. Detects security vulnerabilities and attacks. Real-time statistical and historical correlation. Counts threat intelligence data in correlation. Analyzes the correlated event with dashboard and reports. Any Data Firewall IPS Database File Server API Enrichment Filtering Aggregeration Normalization Classification Alert/ Correlation Engine Assets Behaviours Historical Data Statistics Real Time Conditions Threat Intelligence Vulnerabilities ACTIONABLE INSIGHTS ACTIONS INCIDENT Has a wide correlation library. REAL TIME / HISTORICAL DATA RESPONSE

16 Alerts And Correlation Detect Early & Response in Real-Time Detects security vulnerabilities and attacks. Produces alarms and informs the admins with sms and/or . Connects to API enabled security devices and takes action, thus establishes real time security.

17 Fast & Flexible Search Flexible Search Capability Logsign can help you find what you search within seconds. Supplies correct, relevant and actionable results. Drill down search. Ability to filter and focus. Ability to write new querries or modify current ones.

18 Dashboard Seamless Awareness Default dashboard and widgets helps you to monitor your system and network in real time. You can build your own dashboards for new or adhoc requirements.. Focuses on actionable results. Customizable analysis help you visualize according to the detail level you need. Drill down analysis.

19 On Demand & Scheduled Reporting Supplies default, automatic or adhoc reports, according to the demand of the users. Lets you customize hundreds of analytics based reports. You can easily share our web based/html/pdf or excel reports with your co-workers.

20 Easy Compliance Regulations NERC PCI DSS 5651 ISO Serisi SOX GLBA HIPAA FISMA Requirements Time Stamp Default, Automated Reports Digital Log Signing Signing Of Each Log Line End Of Day Signing Archieve Management Digital Certificate Management

21 Customer Satisfaction CUSTOMER SATISFACTION INDEX %94 * * According to ZenDesk data

22 Happy Customers

23 THANK YOU İSTANBUL - ATAŞEHİR ANKARA - TEPE PRIME SAN FRANCISCO For more info please contact us at info@ HELP CENTER support.logsign.net