Analytics, Automation & Reporting

Security and Event Management

A SIEM centrally collects data across an organization’s IT environment to gain real-time visibility into activity that may potentially introduce risk to the organization. It provides analysis of application, network and security event and log data in real-time to provide event correlation, threat monitoring and incident response

Arctic Wolf      Exabeam      Fortinet      Rapid7 

Security Orchestration, Automation, and Response

SOAR refers to a collection of software solutions and tools that allow organizations to streamline security operations in three key areas: threat and vulnerability management, incident response, and security operations automation.

Arctic Wolf      Fortinet      Palo Alto Networks      Swimlane

Third-Party Risk

Third-Party Risk Monitoring software identifies risks presented through an organization’s relationships with third-parties, typically vendors. This tool is used as part of a broader vendor risk assessment process which should encompass and analyze many areas of business and information security risk.

Arctic Wolf     Recorded Future     Security Scorecard

Threat Intelligence Platform

A TIP automates proactive threat management and mitigation by aggregating, correlating, and analyzing threat data from multiple sources in real-time to support defensive actions. It addresses the growing amount of data generated by a variety of internal and external resources (such as system logs and threat intelligence feeds) and helps security teams identify the threats that are relevant to their organization. 

Palo Alto Networks      Recorded Future

User & Entity Behavior Analytics

UEBA tracks normal conduct of users to detect any anomalous behavior or instances when there are deviations from these “normal” patterns. UEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns which could result in a real threat.  

Exabeam      Fortinet      Imperva      Rapid7      Varonis

Vulnerability Assessment

Vulnerability assessment tools are designed to automatically scan for new and existing threats that can target your organization’s IT data or network.

Rapid7      Tenable