
SecBox SIEM
Security Incident & Events Management

 

CHALLENGE

The IT infrastructure of a modern company is a complex mechanism that includes a great many corporate systems:

 

  •  Firewall

  •  Antiviruses

  •  Applications

  •  Databases

  •  Virtualization environments

  •  OS servers and PCs

  •  Email servers

  •  Active Directory

  •  Network hardware and other hardware

Every system is a source of personal, financial and corporate data that violators aim to obtain.

A company can be endangered both by the actions of system administrators (unauthorized granting of access rights, creation or deletion of accounts, disabling of firewalls) and by vulnerabilities in products through which violators can get access to the company's data.


SOLUTION

Secbox's SIEM (Security Information and Event Management) is a system for analyzing the flow of events, detecting information security incidents, and reacting to them. SECBOX SIEM accumulates information from different sources, analyzes it, detects incidents, and sends notifications about them.

 

SECBOX SIEM operates according to the following algorithm:

STEP 1

Collecting events from different sources: network hardware, PCs, security systems, OS

STEP 2

Analyzing data and making correlations, detecting incidents

STEP 3

Recording incidents and notifying in real time


What incidents does SECBOX SIEM detect?
 

  • Virus epidemics and individual virus infections

  • Attempts to get unauthorized access to confidential information

  • Errors and failures in information systems operation

  • Credential fraud

  • Critical events during the security system operation

 

What sources does SECBOX SIEM analyse?


SIEM can gather information from every source:

EVENT LOGS OF SERVERS & WORKSTATIONS
Used to control access and compliance with information security policies

NETWORK ACTIVE EQUIPMENT
Used to control access and network traffic, detect attacks, notify about errors and network statuses

ACCESS CONTROL, AUTHENTICATION
Control of information system access rights

ANTIVIRUSES
Information about the availability, reliability, and validity of antivirus software, and about infections, virus epidemics, and malware
 

VIRTUALIZATION ENVIRONMENTS

Control of virtual machine creation, usage, and deletion

ADVANTAGES of SECBOX SIEM


FOR MEDIUM AND SMALL-SIZED BUSINESS

SECBOX SIEM has low hardware and software requirements. The solution is integrated promptly and requires minimum customization.

The price depends on the number of licenses: the more licenses there are, the lower the price.

 


EXPERIENCE OF MANY CLIENTS

We have studied the experience of our biggest clients and identified general needs and best practices to employ in SECBOX SIEM.

 


SYMBIOSIS OF SECBOX SIEM & SECBOX DLP

The simultaneous operation of Secbox SIEM and Secbox DLP fortifies a company’s information security program. SIEM detects abnormal behavior and the way access to information is gained. Secbox DLP analyzes communication channels. The combination of the two systems enables you to investigate any incident properly and get evidence.

 


SIMPLE LICENSING SYSTEM

The number of licenses depends on the number of users/equipment units.

© 2023 by SECBOX
