SaaS NG SIEM

Redefining SIEM

Incorporating the power of Big Data Advanced Security Analytics

ClearSkies™ Software-as-a-Service is a fast, robust, scalable and flexible Next Generation SIEM solution. It provides real-time correlation of log data combined with evidence-based knowledge of emerging threats and vulnerabilities, thus allowing the early detection of and response to targeted attacks and data breaches.

Having received the 2015 Data Impact Award for Most Admirable Architecture, ClearSkies™ SaaS NG SIEM integrates Big Data Advanced Security Analytics (real-time in-depth User & Entity Behavioral, Artificial Intelligence, Predictive and Machine Learning analysis) from its already powerful and feature-rich ClearSkies™ Big Data Advanced Security Analytics Platform. These powerful capabilities extract contextual information regarding users and assets for the prediction of suspicious and/or the detection of abnormal behavior, which would otherwise go undetected by conventional SIEM systems.

In today’s constantly changing threat landscape, ClearSkies™ SaaS NG SIEM empowers organizations to enhance their incident response, forensics, legal and regulatory compliance operations across the board in an efficient and cost-effective manner, with virtually zero upfront investment.

Big Data Advanced Security Analytics

Your most powerful ally against emerging cyberattacks

ClearSkies™ SaaS NG SIEM Collects, Archives, Digitally Signs, Encrypts, Normalizes, Correlates, Masks and Intelligently Analyzes vast volumes of historical and current log data in real time, from heterogeneous data sources, using in-depth User & Entity Behavior Analysis, Artificial Intelligence, Predictive and Machine Learning models. It does so with speed, depth and breadth that conventional SIEM systems are simply incapable of delivering.

Advanced Security Analytics

By combining current and historical log data for real-time analysis, ClearSkies™ can identify new event patterns which are related to past events. Through this process, ClearSkies™ is able to identify outliers and patterns which indicate suspicious or malicious activity that would otherwise be impossible to track.

Drastic Reduction in False Positives

Unlike traditional SIEM, advanced security analytics and adaptive correlation capabilities minimize false positives and generate small numbers of security alerts, allowing security personnel to focus on combating real cyber-threats.

Adaptive Correlations

Vast volumes of historical log data for analysis significantly enhance the ongoing calibration of user and entity activity to normal patterns of behavior. This allows early detection of and response to potentially harmful, ongoing malicious activities and suspicious changes in user behavioral patterns. This process further uses contextual information with evidence-based knowledge (Threat Intelligence) of emerging threats and vulnerabilities.

Calibration based on Risk Appetite

Alerts are ranked by severity and impact, based on a preselected risk model which reflects the organization’s risk appetite. They are even enriched with additional forensic information to simplify a security analyst’s job in responding to cyberattacks before it is too late.

Streamlining your Threat Management Process

ClearSkies™ SaaS NG SIEM streamlines your Threat Management Process by significantly accelerating your proactive cyber-threat detection and response capabilities, thus drastically reducing your “Detection Deficit” (time between breach and discovery). At the same time, it safeguards the Confidentiality, Integrity and Availability of sensitive information found within log data.

[Diagram: Threat Management Process. Time to Detect: Collect; Archive (Digitally Sign, Encrypt); Intelligently Analyze; Correlate. Safeguarding Confidentiality: Mask. Time to Respond: Assess; Mitigate.]

Why ClearSkies™ SaaS NG SIEM

ClearSkies™ SaaS NG SIEM supports the full range of security information and event management functions in a holistic manner, including security and compliance posture assessment, real-time monitoring, incident escalation and investigation, deployment flexibility, insightful advanced security analytics, and powerful correlation capabilities.

| Key Features | Key Benefits |
| --- | --- |
| Collects, stores, processes, aggregates and analyses vast volumes of historical and current heterogeneous data sources | The combination of current and historical log data for real-time analysis enables the identification of new event patterns and outliers indicating some kind of malicious or suspicious activity |
| Achieves up to 95% reduction in the number of false-positive alerts by combining advanced analytics and adaptive correlation capabilities | Security personnel can focus on real cyber-threats |
| Generates alerts that are enriched with additional forensic information | Simplifying security analysts’ job in responding to cyberattacks |
| Intelligently analyzes and correlates data by incorporating evidence-based knowledge and contextual information about users, assets, threats and vulnerabilities | Early detection and response to targeted attacks and data breaches |
| Digitally signs and encrypts log data, safeguarding the confidentiality of sensitive information | Log data can be utilized for forensic investigation purposes and/or legal evidence, should the need arise |
| Quickly respond to security incidents anytime, anywhere, through ClearSkies™ Mobile App | Real-time visibility while on the go |
| Flexible license and delivery model | Offered in different flavors (Express, Enterprise, Hybrid) based on customer needs and budget |

Enhanced “Big Data Search” and “UEBA” applications
New “Heat Map”, “Threat Anticipation” & near real-time “Attack Probes” applications
ServiceNow Ticketing integration.
Office365 and Azure Active Directory log and event data support
Microsoft Edge web browser compatibility.
iCollector High Availability failover system option

SIEM-as-a-service vs On-Premises Model

ClearSkies™ SaaS NG SIEM is offered in the Software-as-a-Service model so that you may avoid an upfront on-premises investment. It further reduces the ongoing costs associated with hardware obsolescence, software updates, maintenance, and keeping in-house security experts. It requires very little time to be implemented and it is offered in a flexible hybrid license model when combined with Managed Security Services. It can also be scaled to suit your needs and budget.

| | On-premises | SIEM-as-a-Service |
| --- | --- | --- |
| Big Data Advanced Security Analytics | NO | YES |
| Threat Intelligence / Risk Mitigation | NO | YES |
| Upfront Investment | YES | NO |
| Administration & software maintenance (operational expenses) | YES | NO |
| Hardware obsolescence | YES | NO |
| Hybrid Licence model (SIEM with MSS/MDR) | NO | YES |
| Scalable based on needs and budget | YES* | YES |
| Fast Implementation, immediate results | After 6 to 18 months | Within 4 to 6 weeks |
| Effectiveness/Cost | Low | High |

*Trading in or replacing an on-premises SIEM with a more powerful one could result in an organization losing more than 75% of its initial investment.

Flexible & Scalable Delivery Model

Considering the varying sizes, needs, complexity, internal capabilities, budget constraints and cybersecurity management maturity levels of different organizations, ClearSkies™ SaaS NG SIEM is offered in different flavors: Express, Enterprise, Co-Managed and MS Hybrid.

SaaS NG SIEM
EXPRESS
ClearSkies™ SaaS NG SIEM “Express” is a brand new, innovative delivery model, offering all powerful features at an affordable price. It addresses…
SaaS NG SIEM
ENTERPRISE
ClearSkies™ SaaS NG SIEM "Enterprise" addresses the cybersecurity needs of all organizations regardless of size, complexity or industry. Its...
SaaS NG SIEM
CO-MANAGED
Several organizations are faced with lack of expertise, limited internal security resources and lack of experience in processes and activities. Odyssey...
SaaS NG SIEM
HYBRID
Consolidating your cybersecurity management function regardless of responsibility ownership, ClearSkies™ SaaS NG SIEM allows for an asset-based...

ClearSkies™ Secure Web Portal

The ClearSkies™ Secure Web Portal is a highly customizable, centralized management console, providing organizations with clear, real-time visibility of important incidents, metrics, indicators and risk assessment through smart, fully customizable intelligent dashboards.

Real-Time Visibility
Provides real-time visibility of an organization’s security posture and helps you meet compliance for on-premises, cloud or both, in hybrid IT environments.
User-friendly Interface
Incorporates functional and visual components by utilizing the robustness of the Tile architecture. Tiles of different colors, shapes and sizes represent entire “Main Menu” items, “Shortcuts” and “ServiceModules”, which comprise “Tools/Applications” with different functionalities for granularity purposes.
Highly Customizable Environment
The Portal’s highly customizable environment enables users to customize their working environment based on their job responsibilities, operational needs and work habits.
Easy to Understand your log Data
The Portal’s working interface provides enhanced visibility and understanding of your log data.

Out-of-the-box functionality "ServiceModules"

 

How ClearSkies™ NG iCollector™ works

Deployed either on-premises or in cloud environments, the ClearSkies™ NG iCollector™ is an intelligent device which collects and intelligently analyzes log data from various types of assets in real time, utilizing contextual information and evidence-based knowledge of emerging threats, vulnerabilities, users and assets.

ClearSkies™ NG iCollector™ performs a number of operations:

  • Collect
  • Archive (Digitally Sign/Encrypt)
  • Normalize
  • Intelligently Analyze
  • Correlate
  • Mask


What's new