Redefining SIEM

Incorporating the power of Big Data Advanced Security Analytics

ClearSkies™ Software-as-a-Service is a fast, robust, scalable and flexible Next Generation SIEM solution. It provides real-time correlation of log data combined with evidence-based knowledge of emerging threats and vulnerabilities, thus allowing the early detection of and response to targeted attacks and data breaches.

Having received the 2015 Data Impact Award for Most Admirable Architecture, ClearSkies™ SaaS NG SIEM integrates Big Data Advanced Security Analytics (real-time in-depth User & Entity Behavioral, Artificial Intelligence, Predictive and Machine Learning analysis) from its already powerful and feature-rich ClearSkies™ Big Data Advanced Security Analytics Platform. These powerful capabilities extract contextual information regarding users and assets for the prediction of suspicious and/or the detection of abnormal behavior, which would otherwise go undetected by conventional SIEM systems.

In today’s rapidly expanding cyber-threat landscape, ClearSkies™ SaaS NG SIEM empowers organizations to enhance their incident response, forensics, legal and regulatory compliance operations across the board in an efficient and cost-effective manner, with virtually zero upfront investment.

Big Data Advanced Security Analytics

Your most powerful ally against emerging cyberattacks

ClearSkies™ SaaS NG SIEM Collects, Archives, Digitally Signs, Encrypts, Normalizes, Correlates, Masks and Intelligently Analyzes vast volumes of historical and current log data in real time, from heterogeneous data sources, using in-depth User & Entity Behavior Analysis, Artificial Intelligence, Predictive and Machine Learning models. It does so with a speed, depth and breadth that conventional SIEM systems are simply incapable of delivering.

Advanced Security Analytics

By combining current and historical log data for real-time analysis, ClearSkies™ can identify new event patterns which are related to past events. Through this process, ClearSkies™ is able to identify outliers and patterns which indicate suspicious or malicious activity that would otherwise be impossible to track.

Drastic Reduction in False Positives

Unlike traditional SIEM, advanced security analytics and adaptive correlation capabilities minimize false positives and generate small numbers of security alerts, allowing security personnel to focus on combating real cyber-threats.

Adaptive Correlations

Vast volumes of historical log data for analysis significantly enhance the ongoing calibration of user and entity activity to normal patterns of behavior. This allows early detection of and response to potentially harmful, ongoing malicious activities and suspicious changes in user behavioral patterns. This process further uses contextual information with evidence-based knowledge (Threat Intelligence) of emerging threats and vulnerabilities.

Alerts triage based on your Risk Appetite

To simplify your security staff’s investigation and response tasks, alerts are prioritized by their severity and impact, reflecting your organization’s chosen risk appetite. Additional forensic information accompanies alerts for a more effective and timely response.

Streamlining your Threat Management Process

ClearSkies™ SaaS NG SIEM streamlines your Threat Management Process by significantly accelerating your proactive cyber-threat detection and response capabilities, thus drastically reducing your “Detection Deficit” (time between breach and discovery). At the same time, it safeguards the Confidentiality, Integrity and Availability of sensitive information found within log data.

Why ClearSkies™ SaaS NG SIEM

ClearSkies™ SaaS NG SIEM supports the full range of security information and event management functions in a holistic manner, including security and compliance posture assessment, real-time monitoring, incident escalation and investigation, deployment flexibility, insightful advanced security analytics, and powerful correlation capabilities.

| Key Features | Key Benefits |
| --- | --- |
| Collects, stores, processes, aggregates and analyzes vast volumes of historical and current heterogeneous data sources | The combination of current and historical log data for real-time analysis enables the identification of new event patterns and outliers indicating some kind of malicious or suspicious activity |
| Achieves up to 95% reduction in the number of False-Positive alerts by combining advanced analytics and adaptive correlation capabilities | Security personnel can focus on real cyber-threats |
| Generates alerts that are enriched with additional forensic information | Simplifies security analysts’ job in responding to cyberattacks |
| Intelligently analyzes and correlates data by incorporating evidence-based knowledge and contextual information about users, assets, threats and vulnerabilities | Early detection of and response to targeted attacks and data breaches |
| Digitally signs and encrypts log data, safeguarding the confidentiality of sensitive information | Log data can be utilized for forensic investigation purposes and/or legal evidence, should the need arise |
| Quickly respond to security incidents anytime, anywhere, through ClearSkies™ Mobile App | Real-time visibility while on the go |
| Flexible license and delivery model | Offered in different flavors (Express, Enterprise, Hybrid) based on customer needs and budget |

Chatbot (Accomplish more using ClearSkies™ SaaS NG SIEM and ClearSkies™ EDR Agent.)
New Help Module (Become a SIEM expert with an enhanced Help module integrated with ClearSkies™ admin/user guides.)
Login Page Redesign (New look and feel with animated backgrounds and pleasant interface.)
Configuration Wizard (Expand your reach with more configuration capabilities added to this centralized control panel.)

SIEM-as-a-service vs On-Premises Model

ClearSkies™ SaaS NG SIEM is offered in the Software-as-a-Service model so that you may avoid an upfront on-premises investment. It further reduces the ongoing costs associated with hardware obsolescence, software updates, maintenance, and keeping in-house security experts. It requires very little time to be implemented and it is offered in a flexible hybrid license model when combined with Managed Security Services. It can also be scaled to suit your needs and budget.

On-premises   SIEM-as-a-Service

Big Data Advanced Security Analytics 


Threat Intelligence/ Risk Mitigation


Upfront Investment 


Administration & software maintenance (operational Expenses) 


Hardware obsolescence 


Hybrid Licence model (SIEM with MSS/MDR)


Scalable based on needs and budget


Fast Implementation, immediate results: On-premises, after 6 to 18 months; SIEM-as-a-Service, within 4 to 6 weeks


Low High

*Trading in or replacing an on-premises SIEM with a more powerful one could result in an organization losing more than 75% of its initial investment.

ClearSkies™ Secure Web Portal

The ClearSkies™ Secure Web Portal is a highly customizable, centralized management console, providing organizations with clear, real-time visibility of important incidents, metrics, indicators and risk assessment through smart, fully customizable intelligent dashboards.

Real-Time Visibility
Provides real-time visibility of an organization’s security posture and helps you meet compliance for on-premises, cloud or both, in hybrid IT environments.
User-friendly Interface
Incorporates functional and visual components by utilizing the robustness of the Tile architecture. Tiles of different colors, shapes and sizes represent entire “Main Menu” items, “Shortcuts” and “ServiceModules”, which comprise “Tools/Applications” with different functionalities for granularity purposes.
Highly Customizable Environment
The Portal’s highly customizable environment enables users to customize their working environment based on their job responsibilities, operational needs and work habits.
Easy to Understand Your Log Data
The Portal’s working interface provides enhanced visibility and understanding of your log data.

ClearSkies™ SaaS NG SIEM on Microsoft Azure

Azure customers can now deploy ClearSkies™ SaaS NG SIEM within minutes by following a few simple steps.
ClearSkies™ SaaS NG SIEM on Microsoft Azure uses the Bring-Your-Own-License (BYOL) delivery model.
Find ClearSkies™ SaaS NG SIEM on Microsoft Azure Marketplace now.

Out-of-the-box functionality "ServiceModules"


How ClearSkies™ NG iCollector™ works

Deployed either on-premises or in cloud environments, the ClearSkies™ NG iCollector™ is an intelligent device which collects log data from various types of assets and intelligently analyzes it in real time, utilizing contextual information and evidence-based knowledge of emerging threats, vulnerabilities, users and assets.

ClearSkies™ NG iCollector™ performs a number of operations:

  • Collect
  • Archive (Digitally Sign/Encrypt)
  • Normalize
  • Intelligently Analyze
  • Correlate
  • Mask

What's new