SIEM

Uploaded by

Davie Nganga

Security Information and Event Management - Log360

Log360 is a comprehensive SIEM solution that helps enterprises combat threats and mitigate attacks.

SIEM - Log360
Discovers Windows and Linux/Unix devices, network devices, SQL servers, and IIS web servers in your network.
Collects, monitors, and analyzes logs from the discovered devices and applications.
Monitors security events across physical, virtual, and cloud environments to help notice patterns and foresee security threats.
Protects confidential data and sensitive files by monitoring critical files/folders.

EventLog Analyzer
Monitors and audits all privileged user activities, detecting suspicious network behavior.
Continuously receives global threat feeds from STIX/TAXII servers.
Built-in incident management.


Firewall Analyzer
Streamline firewall policies, optimize rules, and improve firewall performance.
Maintain a record of all the configuration changes by automating change tracking.
Prevent network security threats by monitoring security logs and internet usage.
Get notified on anomalous security and bandwidth incidents through email and SMS.

AD Audit Plus
AD and Azure AD Change Auditing:
Audit AD changes, user account management, and Azure AD environments.
File Change Monitoring:
Monitor file & folder accesses, file share & permission changes across multiple platforms.
Compliance reports for HIPAA, GDPR, FISMA, PCI DSS, SOX, GLBA, ISO 27001.
Windows server auditing:
Monitor changes to local administrative group and users, local policies.
Track USB usage and printer usage.
Logon and logoff auditing with account lockout analysis.
Employee activity monitoring:
Monitor remote workers and track employee attendance with actual working hours.
Analyze repeated failed attempts to log on to workstations and critical servers.

SharePoint Manager Plus
Manage both SharePoint servers and online SharePoint environments.
Manage the SharePoint permissions, groups, and users across the SharePoint environment.
Audit any change made to site collections, sites, lists, documents, and files.
Content from SharePoint On-Premises can be granularly selected and moved to Office 365 with no downtime.

Role based access control


M365 Security Plus
Gain access to detailed audit reports on critical activities, such as mailbox activities, mail traffic, admin activities, password changes, failed logons, file access.
Role based access to technicians without elevating their permissions in Microsoft 365.

Data Security Plus
Data Security Plus performs file auditing, data leak prevention, data risk assessment, and cloud protection.
Identifies security threats such as ransomware intrusions, exfiltration of sensitive data via endpoints, and file activity anomalies to limit damage.
Tracks enterprise web traffic and enforces policies to block

File Analysis
File Analysis is an enterprise file storage and security
Taming the growth of unstructured data:
Locating and deleting junk files.
De-duplicating files.
Tracking enterprise storage trends.
Analyzing file shares.
Identifying security vulnerabilities:
Identifying privileged users.
Pinpointing files owned by stale, disabled, or deleted users.
Locating files with weak permissions.

Cloud Security Plus
Cloud Security Plus is a comprehensive cloud log management solution for Amazon Web Services (AWS), Microsoft Azure, Salesforce, and Google Cloud Platform.
It helps combat security concerns such as data loss and unauthorized access in these platforms.

Know your competitor with advantages

ManageEngine SIEM comes with below by default

IBM QRadar

Privileged user activity monitoring reports


Compliance Reports as Add-on
File Integrity Monitoring of file/folder changes
Editions
Thank you
