In keeping with our principle “to fulfil our clients’ needs and exceed their expectations”, we are continuously revamping our platform with new innovative features and enhancements. Such features and enhancements are a testament to our pioneering role in the uncharted territory of Big Data & Security Analytics.
Three major features are introduced in this ClearSkies NG SECaaS SIEM version.
User Entity Behavioral Analysis (UEBA)
This truly innovative feature can be considered as the single most important value delivering addition in this release. Taking behavioral analytics to the next level, UEBA utilizes unsupervised machine learning and advanced behavioral analytics to build out behavioral baselines for User and Asset entities. This capability enables the detection, IN REAL TIME, of insider threats, targeted attacks, and malicious patterns of traffic caused by user behaviors, both normal and malicious in nature.
Enhanced visibility into your security posture
Aware of the critical importance of being in control of your security risk management process, a number of innovative features and enhancements are introduced in this release which, considerably enhance your visibility into your organization’s security posture, while considerably improving users’ operational experience.
Announcing ClearSkies NG SECaaS SIEM “Express”
We could no longer turn a deaf ear to the important and urgent needs of the small and medium businesses. They may be smaller in size but are subject to the same laws and regulations and face the same cybersecurity challenges of their larger counterparts, which most of the time are much more detrimental to their very survival. ClearSkies NG SECaaS SIEM “Express”, a ClearSkies version which offers all powerful features to address small to medium business needs, yet without the complexity that larger organizations may deem necessary. Most importantly, it makes proactive security management affordable to this significant economic sector.
“ClearSkies NG SECaas SIEM “Express” version
The ClearSkies NG SECaaS SIEM “Express” version includes the full functionality of ClearSkies NG SECaaS SIEM, but with the following capacity restrictions:
Important Note: For taking advantage of this new feature you should be running Endpoint v4.0 and above.
This service provides to the web portal user the ability to define which “LogSources” report LogData to the iCollector. If the “No LogData” service is enabled for a specific “LogSource”, the following configuration options are provided to the web portal user:
Important Note: When a “No LogData” incident is raised and the status is “Open”, the “Correlation Engine” stops issuing “No LogData” Alerts