New Gen SIEM Tool development
What we have done:
We have developed from our US MSSP client a reliable, fast and easy-to-use solution for Security Analysts and CISOs which helps to collect, per-process and forward logs for further analysis.
Its main benefits:
- a remote tool works with distributed systems monitoring and scanning.
- maximum secure: uses exotic protocols as LDAPS for monitoring and Kerberos for authentication and the common line.
- the implemented modules detect incidents by monitoring environment, network, and users.
- our Secure Incident and Event management Tool helps to do an incident investigation with dissolvable agents.
- the communication is performed with Virtual Appliance through VPN tunnels using encapsulation.
Get the Help You Need
Cybersecurity is our core expertise. Let’s get in touch and you will learn more about how UnderDefense can benefit your organization
How to detect CobaltStrike Command & Control communicationBy Bogdan VennykCobaltStrike became part of the Cybercrime’s “toolset” almost in every Company breach. This growth is explained by the fact that CobaltStrike was leaked multiple times and became more...
Detecting DGA domains: Machine Learning approachBy Alexander RagulinIn this post we are going to take a look at Domain Generation Algorithms (DGA) and an interesting way to detect them with the help of Deep Learning (LSTM neural net, to be precise). DGA domains are...
Supply Chain Cyber-Attack Risk Mitigation for Software Tech firms and Insurance domainSupply Chain Cyber Resiliency is emerging as one of the top risk management challenges needing addressed by the InfoSec industry in 2021By Nazar TymoshykCEO at UnderDefenseCurrent...