Continuous analysis of logs and events
eGambit SIEM (Security Information and Event Management) centralizes and organizes the management of all security logs: events and logs of systems, applications and network or security equipment. These elements thus collected, archived and encrypted are constantly analysed. Basically, eGambit SIEM comes with more than 450 correlation rules to detect what is suspicious and to report alerts, for all traditional business environments such as Windows, Unix, Cloud, Firewalls, proxies, etc.
By exporting your logs to eGambit SIEM VMs, you limit the risks associated with the loss of activity evidences from the system, application and infrastructure layers. In particular, in the event of a breakin, attackers would no longer be able to erase their fingerprints in the logs, and you would be able to follow the hacking progress thanks to eGambit.
In addition, retrospective analysis of archived raw logs can simplify forensics operations against complex attacks: identity thefts, internal bounces, malicious stuffs, etc.
Collection of all types of logs and events
Correlation engine with enhanced rules
Real-time detection & remote investigations
BENEFITS
- All log formats are supported
- Effective from the beginning of your project thanks to hundreds rules of correlations provided by default
- Fast and simplified deployment
- Customizable correlations
- Adding of correlations upon request
Compliant with GDPR regulations
Since its creation, TEHTRIS has taken into account, from the very beginning, the protection of all data processed in order to ensure the security of the information systems entrusted to it, from the time of development and each time its eGambit arsenal is improved. Security and privacy by design measures are used for each step of data processing, from the collection of data in your infrastructure to its destruction on our Appliances.
TEHTRIS applies the same principles of security and privacy by design in each of its eGambit Solutions in order to protect the integrity, confidentiality and authenticity of your data.
