You won’t have to figure out the implementation, analysis, and monitoring by yourself. Our specialists will take care of this and reach out if you need to act!
The CyberPilot Log Management service aims to identify the presence of abnormal activity on the devices you select.
By collecting and monitoring a set of predetermined event logs, we uncover incidents.
SIEM and log management are one way to detect improper external access to personal data, which brings you one step closer to GDPR compliance. If we detect incidents quickly, we can initiate measures to limit the damage in a timely manner. We only process logs with the relevant information about security on the monitored devices.
The username is registered and collected. This is to sound the alarm if an unknown user tries to log in.
IP addresses are collected and compared against a list of approved websites. You have the option of sounding an alarm, but you will not be able to see which website was visited.
A log is created when a program is installed. This is to detect malicious programs.
An activity is performed, such as:
Event logs are generated and forwarded to the monitoring system
If the log indicates suspicious activity, an alarm is triggered. The reasons could be:
CyberPilot monitors the alarms and determines whether further action is needed
The logs do not register sensitive information and information of a private nature.
Event logs do NOT provide access to view activities such as:
What is being written on the devices
Who people are contacting (e.g., on Skype)
The passwords of users
YouTube videos being watched
Our SIEM collects the relevant security logs from network devices, operating systems, systems, and applications. We also collect the relevant alarms and messages from your other security solutions (antivirus, firewall, endpoint protection, etc.). This provides you with a valuable and robust overview.
We provide real-time analysis based on the needs of your organisation. Our specialists have years of experience and are knowledgeable about current threats.
Get notified immediately when incidents occur. You can respond quickly and efficiently, which minimises the risk and cost that comes with a security breach.
Logs are centrally collected and stored. It is easy to obtain information about historical activity and obtain evidence should the need arise.
The system can be set up in your own infrastructure or we can host it, as we do for many customers. It is entirely up to you!
We are experienced with a wide range of SIEM technologies, including QRadar, LogPoint, Nagios, and Logz.io. We can implement the system in a way that provides you with the most insight.
Interested? Let us know how we can help you: