Seceon aiSIEM

Security Information and Event Management (SIEM) is a critical technology and a significant part of an organization’s security posture. Yet many organizations struggle today with its deployment, with its execution (security experts are required to make meaningful correlations and remediation decisions) and, above all, with its total cost of ownership (TCO).

Many organizations are turning to MSSPs or other third parties to provide managed services, which are evolving to address these challenges. This relieves the organization of the burden of doing the heavy lifting but adds significant dependencies and operational costs.

Seceon aiSIEM™ goes beyond using log data, simple analysis for correlation of events, and applying rules to enhance an organization’s security posture. It ingests raw streaming data: logs from all devices in the ecosystem and flows such as NetFlow, JFlow and sFlow. It also subscribes to the Microsoft® Windows® Active Directory™ service to obtain users, computers and groups and their interactions. Machine learning, in conjunction with contemporary big data frameworks, handles large data volumes efficiently and enables the platform to adapt dynamically to any environment upon deployment for deep data analysis. AI helps bolster cyber security by generating meaningful alerts with improved accuracy from scores of threat indicators that would otherwise be analyzed by security professionals, and by producing actionable intelligence for threat containment and elimination in real time.

Seceon Flow Generator

The Flow Generator analyzes SPAN port traffic and creates NetFlows, which are converted into events that can then be used for threat models.

The Flow Generator can be used in environments where routers or firewalls do not have the capability of generating NetFlows.

Seceon Traffic Analyzer

Seceon® Traffic Analyzer is a powerful traffic analytics tool based on a framework capable of deep protocol analysis. It provides real-time visibility into network bandwidth performance. The Traffic Analyzer runs on an Ethernet interface and generates logs (HTTP, FTP, DNS, Files, SMB, IRC, Notice, Known_Service) by analyzing raw unencrypted network traffic from a SPAN port on a switch.

These logs are categorized by common protocol type, then further processed and sent to the Seceon OTM Platform.