Cybanetix Advanced Log Manager (CALM) is a comprehensive Security Information and Event Management (SIEM) solution that enables organisations to log all their IT infrastructure events to a single platform. With a dynamic Threat Intelligence overlay and advanced security analytics capabilities, CALM offers the reporting, log management and analysis features that are needed to meet a wide variety of security compliance standards. The combination of a versatile SIEM platform, intuitive user interface and a simple, transparent licensing model enables organisations to monitor, detect and respond to breaches and malicious behaviours without the need for dedicated Security Analysts, thereby providing a lower TCO for Security Information and Event Management.

Log All your data

The commercial model and technical architecture of Cybanetix Advanced Log Manager (CALM) ensure a cost-efficient approach to the collection of ALL logs within an organisation. Being able to collect user-based activity logs is imperative to the detection of security breaches, as most breaches today happen at the end-point. Most SIEM platforms, while capable of logging data, are simply cost-prohibitive as they charge based on consumption and/or data volume. CALM includes logging agents and syslog parsers to support all major operating systems and hardware vendors.

Use your data

CALM allows you to overlay threat intelligence data and advanced analytics onto your event data. This overlay allows customers to generate tangible reports of threats on a network and at user level, which can then be acted upon without the requirement for SOC analysts and/or 24/7 monitoring of events. The security overlays available for CALM are:
- Threat Intelligence
- Advanced Threat Intelligence
- User Behavioural Analytics

- Cloud SaaS or On-premise delivery: CALM can be delivered as a hosted solution (deployed in the Cybanetix private cloud environment) or as an on-premise solution deployed on customer-specified hardware. This enables customers to procure and deploy a CALM solution to meet their needs and overarching strategies regarding the use of on-premise vs cloud-based technologies. CALM is also available as SIEM as a Service.
- Scales horizontally: The database and the software architecture of CALM ensure that it scales horizontally, which enables customers to start with a small deployment and then linearly scale their logging platform through the addition of hardware resources.
- Log from anywhere: CALM supports logging from all major operating systems and has Syslog parsers for all major hardware vendors. Public Cloud solutions (IaaS) and SaaS-based applications are also supported by native API integrations within CALM.
- Correlate events with 90m known threats: With Advanced Threat Intelligence overlays from CTC or Anomali, events are enriched with live threat data, allowing real-time threat detection and alerting.
- Tracks and Trends your user behaviour: With an advanced analytics overlay from Exabeam, user behaviour is tracked and baselined to form a pattern of ‘normal’ behaviour for any individual. Alerts are then generated if a user's activity falls outside of normal parameters and/or they start acting maliciously.