TEHTRIS SIEM (Security Information and Event Management) centralizes and organizes the management of all security logs: events and logs from systems, applications, and network or security equipment. Once collected, archived and encrypted, these elements are analysed on a continual basis. TEHTRIS SIEM comes with more than 450 correlation rules to detect suspicious activity and raise alerts in all traditional business environments such as Windows, Unix, cloud, firewalls, proxies, etc.
By exporting your logs to TEHTRIS SIEM VMs, you limit the risk of losing evidence of activity from the system, application and infrastructure layers. In the event of a break-in, attackers would no longer be able to erase their traces from the logs, and you would be able to follow the progress of the intrusion thanks to the TEHTRIS XDR Platform.
In addition, retrospective analysis of archived raw logs can simplify forensic operations against complex attacks such as identity theft, lateral movement inside the network and malicious elements.