ScienceSoft's SIEM solution

Build up your network security with a sound SIEM solution

OVERVIEW

ScienceSoft SIEM is a SIEM platform enhanced with self-diagnostics and self-optimization features. Based on the IBM QRadar® SIEM system, ScienceSoft SIEM is enhanced with an automated monitoring tool that allows security administrators to continuously sustain the operability of the SIEM system.

PROBLEM

A Security Information and Event Management (SIEM) system provides real-time visibility of the entire IT infrastructure. Yet, in the long run, it starts to pose performance challenges:

  • inefficient EPS license capacity utilization
  • low log data quality and performance
  • security events omission
  • misfiring rules
  • heavy rules and reports

As a result: a vulnerable perimeter, costly administration and low ROI.

SOLUTION

A healthy SIEM system is the key to full-scale security protection of the whole network.

PURPOSE

24/7 Real-time APT, fraud and insider threat detection. 

KEY FUNCTIONS

Log data collecting and storing

ScienceSoft SIEM collects and stores large volumes of log data from all network devices, business applications, OS databases, etc.

Event normalization and categorization

ScienceSoft SIEM parses raw input events from disparate sources, then stores and presents them in a readable format. It applies identical categories to events with the same meaning: e.g., Windows User Logon and Linux User Logon have the same category.

Compliance and reporting

ScienceSoft SIEM generates a comprehensive report to comply with major security standards, such as the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS) and more. It also provides the ability to create custom reports.

Event & flow analysis and correlation

ScienceSoft SIEM processes numerous events and flows and determines relations between them in real-time mode or analyzes events and flows already stored.

Risk management

Based on data collected from firewalls, routers, switches, IPSs, vulnerability feeds and third-party security sources, ScienceSoft SIEM is able to monitor its configurations and prioritize security risks and vulnerabilities in your network.

Network traffic analysis

ScienceSoft SIEM helps to sense, detect and respond to activities throughout your network to identify malicious traffic packets and evaluate network utilization.

Vulnerability management

ScienceSoft SIEM intelligence promptly discovers, analyzes and reports on vulnerabilities in your network, helping to prioritize remediation activities.

SIEM health and performance monitoring and analysis

ScienceSoft SIEM provides all-round visibility into statistical, performance and behavioral parameters of the system itself at any given moment.

Data quality analysis and fine-tuning assistance

ScienceSoft SIEM helps to improve log data quality and minimize the risk of missing log data despite high system loads. In addition, the solution enables quick and well-timed fine-tuning by in-house security specialists.

UNIQUE FEATURES

35+ Performance and Behavioral Metrics, 25+ Health Markers

Provide on-the-fly performance assessment and configuration fine-tuning. Get an accurate portrait of the system with insights into such important aspects as:

  • Critical modification to log sources
  • Presence of uncategorized or unknown events
  • Excessive time of correlation rule execution
  • Slow response of correlation rules
  • Detected auto-update errors

Detailed report

Detailed report featuring:

  • Console summary of the system’s state (e.g., the number of active log sources and assets, storage and memory available, top 10 unique offences)
  • EPS and FPI statistics
  • Events and flows timelines
  • Disk, CPU and memory usage on managed hosts
  • Log sources statistics
  • Incoming log data quality
  • Correlation rules, reports performance and more

Get a quick snapshot of your ScienceSoft SIEM and trace the dynamics of its performance.

Suggestion of further remediation steps

Restore the solution's faultless operability.

BENEFITS OF SCIENCESOFT SIEM SOLUTION

Value for security teams

For Security Teams

  • Better control of the SIEM system deployment
  • Prompt diagnostics of security threats
  • Less manual work
  • Host overload protection
  • Increased visibility of log data quality
  • Improved utilization of EPS license capacity

Value for security decision makers

For Decision Makers

  • Improved visibility of security events
  • Less time, effort and budget spent on SIEM solution maintenance and tuning
  • Improved efficiency of security teams and SOCs
  • Higher SIEM system ROI

THE LICENSING

ScienceSoft provides a flexible discount system on the ScienceSoft SIEM solution with an option for special bids.