Log-management

CyberPilot SIEM is a service, not a product

You won’t have to figure out the implementation, analysis, and monitoring by yourself. Our specialists will take care of this and reach out if you need to act!


Our SIEM and Log Management service identifies suspicious behaviour

The CyberPilot Log Management service aims to identify the presence of abnormal activity on the devices you select.


Abnormal activities include:


By collecting and monitoring a set of predetermined event logs, we uncover the incidents.

SIEM and log management helps you protect personal data

SIEM and log management is one way to detect improper external access to personal data, which brings you one step closer to GDPR compliance. If we detect incidents quickly, we can initiate measures to limit the damage in a timely manner. We only process logs with the relevant information about security on the monitored devices.

You can read more about SIEM and log management here.

Examples of logs that handle users’ behaviour

Log in

The username is registered and collected. This is to sound the alarm if an unknown user tries to log in.

Inbound and outbound connections

IP addresses are collected and compared against a list of approved websites. You have the option of sounding an alarm, but you will not be able to see which website was visited.

Installed applications

A log is created when a program is installed. This is to detect malicious programs.

How it works

An activity is performed, such as:


Event logs are generated and forwarded to the monitoring system


If the log indicates suspicious activity, an alarm is triggered. The reasons could be:

CyberPilot monitors the alarms and determines whether further action is needed

The CyberPilot SIEM service allows you to quickly identify and manage the incident, which strengthens your cyber security.

We do not spy on your team!

The logs do not register sensitive information or information of a private nature.

Event logs do NOT provide access to view activities such as:

  • What is being written on the devices
  • Saved files
  • Who people are contacting (e.g., on Skype)
  • Private photos
  • The passwords of users
  • YouTube videos being watched
  • etc.

What is included in our SIEM service?

  • Implementation
  • Real-Time
  • Historical logs
  • Setup
Implementation

Our SIEM collects the relevant security logs from network devices, operating systems, systems, and applications. We also collect the relevant alarms and messages from your other security solutions (antivirus, firewall, endpoint protection, etc.). This provides you with a valuable and robust overview.

Real-Time Analysis

We provide real-time analysis based on the needs of your organisation. Our specialists have years of experience and are knowledgeable about current threats.

Real-Time Monitoring and Alarms

Get notified immediately when incidents occur. You can respond quickly and efficiently, which minimises the risk and cost that comes with a security breach.

Access to Historical Logs

Logs are centrally collected and stored. It is easy to obtain information about historical activity and obtain evidence should the need arise.

Setup

The system can be set up in your own infrastructure or we can host it, as we do for many customers. It is entirely up to you!
We are experienced with a wide range of SIEM technologies, including QRadar, LogPoint, Nagios, and Logz.io. We can implement the system in a way that provides you with the most insight.

Interested? Let us know how we can help you:


Contact us

You are always welcome to contact us
for an initial and informal chat about your cyber security challenges.