Analytics, Automation & Reporting
Security and Event Management
A SIEM centrally collects data across an organization’s IT environment to gain real-time visibility into activity that may potentially introduce risk to the organization. It provides analysis of application, network and security event and log data in real-time to provide event correlation, threat monitoring and incident response.
Security Orchestration, Automation, and Response
SOAR refers to a collection of software solutions and tools that allow organizations to streamline security operations in three key areas: threat and vulnerability management, incident response, and security operations automation.
Third-Party Risk Monitoring software identifies risks presented through an organization’s relationships with third-parties, typically vendors. This tool is used as part of a broader vendor risk assessment process which should encompass and analyze many areas of business and information security risk.
Threat Intelligence Platform
A TIP automates proactive threat management and mitigation by aggregating, correlating, and analyzing threat data from multiple sources in real-time to support defensive actions. It addresses the growing amount of data generated by a variety of internal and external resources (such as system logs and threat intelligence feeds) and helps security teams identify the threats that are relevant to their organization.
User & Entity Behavior Analytics
UEBA tracks normal conduct of users to detect any anomalous behavior or instances when there are deviations from these “normal” patterns. UEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns which could result in a real threat.
Vulnerability assessment tools are designed to automatically scan for new and existing threats that can target your organization’s IT data or network.