Secure web portal

The ClearSkies™ Secure Web Portal is a highly customizable, centralized management console, providing organizations with clear, real-time visibility of important incidents, metrics, indicators and risk assessment through smart, fully customizable intelligent dashboards.

SEARCH & VISUALIZE

Apply simple, super-fast search queries to the vast volumes of log data collected, and review insightful, meaningful visualizations of your networks’ and systems’ activity. Correlate your log data events with Threat Intelligence to easily identify and investigate threats before it is too late.

INTELLIGENTLY ANALYZE

Deploy User & Entity Behavior Analysis (UEBA) to baseline users’ normal patterns of behavior. By constantly monitoring policy violations, configuration files, key system files, critical files/folders, network activity and running processes, you can detect, in a timely manner, malicious activities and/or suspicious behaviors which could lead to data leakage, system compromise or system performance degradation and which would otherwise go undetected by conventional on-premises SIEMs.

UTILIZE THREAT INTELLIGENCE

Stay proactive against targeted attacks and data breaches by engaging evidence-based Threat Intelligence of emerging threats and vulnerabilities as they arise. Visualize the threat landscape with a near-live Threat Map and a Heat Map of threats affecting your environment. Structure your defenses accordingly in line with insightful Threat Anticipation indicators.

CORRELATE & ASSESS

Compile effective Adaptive Correlation Rules specific to your organization’s risk appetite, using a guided step-by-step interface. Simply assess Alerts fired according to classification and relevancy to your organization’s individual circumstances, exposures and goals.

EFFECTIVELY MANAGE

Easily assign Incidents raised to your chosen team members for further investigation and resolution. Monitor and direct the investigation and resolution progress with the user-friendly built-in management interface of the entire Incident Escalation workflow.

ASSESS RISK

Determine an indicative and precise assessment of the Information Risk to which your organization is exposed. Get a comprehensive overview of your current security posture with graphs and visualizations that accurately reflect your organization’s cyber risk level at any given time.

MEET COMPLIANCE

Review the exact compliance standing of your organization with comprehensive breakdowns of each regulation and its current status. Meet, validate and demonstrate, in a timely manner, complex regulatory compliance requirements found under PCI DSS, ISO 27001, FISMA, HIPAA, SWIFT and GDPR, effortlessly, efficiently and cost-effectively.

Out-of-the-box functionality “ServiceModules”

Analytics

Enables your organization to intelligently process, aggregate and analyze large volumes of structured and unstructured log data collected from the in-scope assets. This process helps your organization extract contextual information regarding users and assets for identifying suspicious/malicious activity, and/or the detection of abnormal behavior which would otherwise go unnoticed using conventional SIEM systems.

Event Management

Helps your organization with the efficient and effective monitoring, classification and management of “Incidents” which may pose a threat to the confidentiality, integrity and availability of your information assets. This way, you can delegate actions and responsibilities by internally assigning these “Incidents” to other departments/people within the organization for further investigation and resolution, using the built-in incident management and escalation process workflow.

Threat Intelligence by IthacaLabs™

Continuously delivers Threat Intelligence information for existing and/or emerging cyber-threats and vulnerabilities. This helps your organization with the early detection of and response to targeted attacks and data breaches before it is too late. Furthermore, this intelligence gathering also improves your decision-making process when strategically planning your internal defenses against similar types of future threats.

Dashboards

Provides your organization with the ability to create and customize individualized intelligent dashboards with drilldown capabilities based on your work responsibilities and habits.

Performance & Availability

Supports your organization with the proactive monitoring of the performance and availability of network devices, systems and communication links with the collection and processing of Netflow and SNMP log data, thus minimizing downtime and relevant business costs caused by service interruptions.

Vulnerability Management

Empowers your organization with a 95% reduction of false positive alerts by importing vulnerability information relating to in-scope network devices, systems and applications, thus empowering security personnel with the insight to focus on real cyber-threats.

Compliance

Helps your organization meet and validate complex compliance requirements found under PCI DSS, ISO 27001, FISMA, HIPAA and SWIFT in an efficient and cost-effective manner. Furthermore, with the use of ClearSkies™ NG Endpoint Agent, it associates FIM features with the supported compliance criteria.

ClearSkies™ NG EDR Agent

ClearSkies™ NG EDR Agent v6.1 is a comprehensive Endpoint Detection & Response solution, fully integrated with ClearSkies™ SaaS NG SIEM. It complements the detection and prevention of never-before-seen targeted attacks and insider threats with the use of Behavioral Monitoring and Analysis (BMA) and by leveraging Advanced Security Analytics complemented by Threat Intelligence and signature-based detection.

Reports

Provides many predefined report templates designed to help your organization meet the requirements of supported regulatory frameworks. In addition, it allows for easy generating and scheduling of ad hoc custom reports based on your organization’s needs and business requirements. Reports can be exported in CSV and PDF formats and can be sent automatically to selected email recipients.

Identity & Access

Aggregates, visualizes and monitors the statuses of your user accounts across the board, drastically improving the auditing and insider threat detection capabilities of your organization with minimal effort. Generates security alerts relating to identity and access irregularities that would otherwise go unnoticed, effectively safeguarding you against insider threats.

Incident Management & Communication channels

Alerts/Events that have been determined to pose a threat are escalated to incident status and assigned to the appropriate internal personnel for further investigation and resolution, using the built-in incident management process workflow through the following incident escalation communication channels:

Email

Push Notifications on Smart Devices & Tablets

ClearSkies™ NG Secure Web Portal