Kustodian’s SIEMonster: SIEM for everyone with no limits
As a security professional, protecting your company’s assets from internal or external attacks is a never ending complex job. It is crucial that you have visibility across your entire environment. It’s like having a house alarm, there is no point having some rooms with motion sensors and others without it.
All systems have the ability to let out an event that something is going on but is there anyone listening to these events or cries for help. When you picture your environment, with servers, workstations, network appliances, printers, SCADA and other equipment they all log events. On top of this all your applications are sending out events or alerts including Web Servers, Databases, Applications, Anti-Virus and Endpoint protection.... More Info »
By using a Security Incident Events Management system (SIEM) we can capture all of these events and separate the “Cry wolfs” from the real attacks and alert the security professional that an attack maybe underway. SIEM’s can be configured to alert operators via a console, SMS or email for any suspect activity. This could be when an administrator creates another privileged account or alerted when an executive is using email from a destination that is different from their current location or a compromised endpoint. The rules and alerts to suit your business are limitless. One of our customers retrenched 50 staff, they wanted to monitor closely the activity around intellectual property going out the door. By creating a rule and putting the members into that group alerts could be raised on file/folder copies from central servers to USB sticks....