CyberPilot SIEM is a service, not a product

You won’t have to figure out the implementation, analysis, and monitoring by yourself. Our specialists will take care of this and reach out if you need to act!

Click to enlarge

Our SIEM and Log Management service identifies suspicious behaviour

The CyberPilot Log Management service aim to identify the presence of abnormal activity on the devices you select.


Abnormal activities includes:


By collecting and monitoring a set of predetermined event logs, we uncover the incidents.

SIEM and log management helps you protect personal data

SIEM and log management is one way to detect improper external access to personal data, which brings you one step closer to GDPR compliance. If we quickly detect the incidents, then we can quickly initiate measures to limit the damage in a timely manner. We only process logs with the relevant information about security on the monitored devices.

You can read more about SIEM and log management here.

Examples of logs that handles users’ behaviour

Log in

The username is registered and collected. This is to sound the alarm if an unknown user tries to log in.

Inbound and outbound connections

IP addresses are collected and compared against a list of approved websites. You have the option of sounding off an alarm, but you will not be able to see which website was visited.

Installed applications

A log is created when a program is installed. This is to detect malicious programs.

How it works

An activity is performed, such as:


Event logs are generated and forwarded to the monitoring system


If the log indicates suspicious activity, an alarm is triggered. The reasons could be:

CyberPilot monitors the alarms and determines whether further action is needed

The CyberPilot SIEM service allows you to quickly identify and manage the incident, which strengthens your cyber security.

We do not spy on your team!

The logs do not register sensitive information and information of a private nature.

Event logs do NOT provide access to view activities such as:

What is being written on the devices

Saved files

Who people are contacting (e.g., on Skype)

Private photos

The passwords of users

YouTube videos being watched


What is included in our SIEM service?

  • Implementation
  • Real-Time
  • Historical logs
  • Setup

Our SIEM collects the relevant security logs from network devices, operating systems, systems, and applications. We also collect the relevant alarms and messages from your other security solutions (antivirus, firewall, endpoint protection, etc.). This provides you with a valuable and robust overview.

Click to enlarge
Real-Time Analysis

We provide real-time analysis based on the needs of your organisation. Our specialists have years of experienced and are knowledgeable about current threats.

Real-Time Monitoring and Alarms

Get notified immediately when incidents occur. You can respond quickly and efficiently, which minimises the risk and cost that comes with a security breach.

Click to enlarge
Access to Historical Logs

Logs are centrally collected and stored. It is easy to obtain information about historical activity and obtain evidence should the need arise.

Click to enlarge

The system can be set up in your own infrastructure or we can host it, as we do for many customers. It is entirely up to you!
We are experienced with a wide range of SIEM technologies, including QRadar, LogPoint, Nagios, and Logz.io. We can implement the system in a way that provides you with the most insight.

Interested? Let us know how we can help you:


Contact us

You are always welcome to contact us
for an initial and informal chat about your cyber security challenges.