Security Information and Event Management (SIEM) is a security management system that gives you a complete view of activity in your network, enabling you to respond to threats in real-time. It collects, parses and classifies machine data from a wide range of sources, then analyzes the data to provide insights so you can act accordingly.
The Benefit
why
Do
Companies
Need SIEM ?
Has a built-in dashboard and reports for general health safety audits
Login and logout activity from all devices and apps
Centralized Dashboard
Introducing Our Newest SIEM
meotrik SIEM
Siaga, real Time, Handal
Meotrik SIEM! Solusi andal bagi organisasi untuk memaksimalkan keamanan dan pemantauan sistem secara real-time.
Has a built-in dashboard and reports for general health safety audits
Has a built-in dashboard and reports for general health safety audits
Has a built-in dashboard and reports for general health safety audits
The Features
Event Collection: Collect events and logs from multiple sources with a wide variety of protocols, such as Syslog, logfile, and network flows.
formation Normalization: Storing information that has been normalized. Information normalization is the uniformity of the format from various heterogeneous sources into a uniform and consistent format, to make it easier to analyze. Information from each source can have a different format, for example when a user is logged on, the event format is different on Windows, on Linux, or a network device. But all of them have the same information, namely the user logs in, then the event can be normalized by SIEM.
Information Enrichment: This information enrichment can use internal or external references. In a data center that contains hundreds of servers, some servers may have a more important role than other servers. Server asset information based on this internal IP address can be entered into SIEM so that an incident on an important server can have a higher level of urgency than incidents on other servers.
Information Correlation: SIEM is used to detect patterns in a set of information. For example, a computer logging in using 5 different UserIDs on 1 day will have a high level of urgency in correlation, because it is similar to the pattern of using other people’s passwords illegally from that computer.
Alerting: If a critical event is detected, SIEM can send near real-time alerts to email or to the ticketing system (helpdesk), so that they can be immediately followed up on the same day. In general, SIEM also has simple incident management built-in, which can be used by companies that do not yet have a ticketing system.
Historical Data Retention, Reporting, Dashboard, dan Forensic Analysis : Furthermore, all information and analysis results are stored for daily reports, monthly reports, near real-time security dashboards, and for forensic needs if needed.
PT Global Innovation Technology is a SIEM (Security Information and Event Management) vendor in Indonesia and has implemented it in banks and telcos since 2008.
Let's
Get In Touch
Learn more and implement the solution for your company as soon as possible!