SIEM
Security Information and Event Management
SGBox is a modular platform for controlling and managing ICT security. Its modular and distributed architecture lets it adapt to a company's varying needs. With SGBox, you can create an aggregate display of all the information gathered from log collection, vulnerability scans and endpoint status. The collected information feeds a correlation engine and analytics system to provide a full view of the network security posture and to trigger automatic responses to cyber security threats. SGBox SIEM is offered as an on-premises or cloud installation, in single-tenant or multi-tenant versions.
Log Management
- Collect and analyze any data from any kind of device.
Event Correlation
- Define correlation rules to detect anomalous patterns and scenarios.
Vulnerability Assessment
- Vulnerability scans over the network to find vulnerabilities and misconfigurations.
System Monitoring
- Continuous monitoring to check asset resources and service availability.
User Behavior Analytics
- Determine the risk profiles of users inside your network.
Endpoint Threat Detection
- Monitor activity across all endpoints providing deep visibility into their security state.